2025-09-08 00:48:47 -05:00
|
|
|
package internal
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
"os"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"github.com/golang-jwt/jwt/v5"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Claims struct {
|
|
|
|
|
Username string `json:"u"`
|
|
|
|
|
JFToken string `json:"t"`
|
|
|
|
|
jwt.RegisteredClaims
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var sessionKey = []byte(os.Getenv("PEGASUS_SESSION_KEY"))
|
2025-09-15 12:09:02 -05:00
|
|
|
var cookieSecure = os.Getenv("PEGASUS_COOKIE_INSECURE") != "1"
|
2025-09-08 00:48:47 -05:00
|
|
|
|
|
|
|
|
const CookieName = "pegasus_session"
|
|
|
|
|
|
|
|
|
|
func SetSession(w http.ResponseWriter, username, jfToken string) error {
|
|
|
|
|
now := time.Now()
|
|
|
|
|
tok := jwt.NewWithClaims(jwt.SigningMethodHS256, Claims{
|
|
|
|
|
Username: username,
|
|
|
|
|
JFToken: jfToken,
|
|
|
|
|
RegisteredClaims: jwt.RegisteredClaims{
|
|
|
|
|
ExpiresAt: jwt.NewNumericDate(now.Add(7 * 24 * time.Hour)),
|
|
|
|
|
IssuedAt: jwt.NewNumericDate(now),
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
signed, err := tok.SignedString(sessionKey)
|
|
|
|
|
if err != nil { return err }
|
2025-09-15 12:09:02 -05:00
|
|
|
http.SetCookie(w, &http.Cookie{
|
|
|
|
|
Name: CookieName,
|
|
|
|
|
Value: signed,
|
|
|
|
|
Path: "/",
|
|
|
|
|
HttpOnly: true,
|
|
|
|
|
Secure: cookieSecure,
|
|
|
|
|
SameSite: http.SameSiteLaxMode,
|
|
|
|
|
})
|
2025-09-08 00:48:47 -05:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ClearSession(w http.ResponseWriter) {
|
|
|
|
|
http.SetCookie(w, &http.Cookie{Name: CookieName, Value: "", Expires: time.Unix(0,0), Path: "/", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})
|
|
|
|
|
}
|
