// Copyright 2023 The Gitea Authors. All rights reserved. // SPDX-License-Identifier: MIT package context import ( "net/http" "strings" auth_model "code.gitea.io/gitea/models/auth" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/web/middleware" ) const CookieNameFlash = "gitea_flash" func removeSessionCookieHeader(w http.ResponseWriter) { cookies := w.Header()["Set-Cookie"] w.Header().Del("Set-Cookie") for _, cookie := range cookies { if strings.HasPrefix(cookie, setting.SessionConfig.CookieName+"=") { continue } w.Header().Add("Set-Cookie", cookie) } } // SetSiteCookie convenience function to set most cookies consistently // CSRF and a few others are the exception here func (ctx *Context) SetSiteCookie(name, value string, maxAge int) { middleware.SetSiteCookie(ctx.Resp, name, value, maxAge) } // DeleteSiteCookie convenience function to delete most cookies consistently // CSRF and a few others are the exception here func (ctx *Context) DeleteSiteCookie(name string) { middleware.SetSiteCookie(ctx.Resp, name, "", -1) } // GetSiteCookie returns given cookie value from request header. func (ctx *Context) GetSiteCookie(name string) string { return middleware.GetSiteCookie(ctx.Req, name) } // SetLTACookie will generate a LTA token and add it as an cookie. func (ctx *Context) SetLTACookie(u *user_model.User) error { days := 86400 * setting.LogInRememberDays lookup, validator, err := auth_model.GenerateAuthToken(ctx, u.ID, timeutil.TimeStampNow().Add(int64(days)), auth_model.LongTermAuthorization) if err != nil { return err } ctx.SetSiteCookie(setting.CookieRememberName, lookup+":"+validator, days) return nil }