From bca88ee1cc25e1853d0004efe9f260d19ea6109f Mon Sep 17 00:00:00 2001
From: MickaelK
Date: Mon, 1 Dec 2025 23:29:57 +1100
Subject: [PATCH] fix (session): expand session information

To handle scenarios where we need to know the whole session information to make decisions such as in our use case: authorisation
---
 server/common/config.go | 1 +
 server/common/crypto.go | 3 ++-
 server/ctrl/session.go | 10 ++++++++--
 server/ctrl/tmpl.go | 10 +++++++---
 4 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/server/common/config.go b/server/common/config.go
index 9dfb7361..1dc185c2 100644
--- a/server/common/config.go
+++ b/server/common/config.go
@@ -84,6 +84,7 @@ func NewConfiguration() Configuration {
 FormElement{Name: "filepage_default_view", Type: "select", Default: "grid", Opts: []string{"list", "grid"}, Description: "Default layout for files and folder on the file page"},
 FormElement{Name: "filepage_default_sort", Type: "select", Default: "type", Opts: []string{"type", "date", "name"}, Description: "Default order for files and folder on the file page"},
 FormElement{Name: "cookie_timeout", Type: "number", Default: 60 * 24 * 7, Description: "Authentication Cookie expiration in minutes. Default: 60 * 24 * 7 = 1 week"},
+ FormElement{Name: "extended_session", Type: "boolean", Default: false, Description: "Store extra auth data in session"},
 FormElement{Name: "custom_css", Type: "long_text", Default: "", Description: "Set custom css code for your instance"},
 },
 },
diff --git a/server/common/crypto.go b/server/common/crypto.go
index 0d80a078..d9955e8c 100644
--- a/server/common/crypto.go
+++ b/server/common/crypto.go
@@ -200,9 +200,10 @@ func GenerateID(params map[string]string) string {
 
 for _, key := range orderedKeys {
 switch key {
- case "timestamp":
 case "password":
 case "path":
+ case "session":
+ case "timestamp":
 default:
 if val := params[key]; val != "" {
 p += key + "=>" + params[key] + ", "
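Review bot: The empty `case` arms in the crypto.go hunk (`@@ -200,9 +200,10 @@`) give no reason why these keys are left out of the ID, and the new `"session"` arm is the least obvious of them. I would collapse them into `case "password", "path", "session", "timestamp":` with a comment such as `// keys that must not influence the ID: secrets and values that change between logins`. The ID presumably has to stay the same whether or not the serialized session blob is present. That is inferred, because GenerateID starts and ends outside the hunk.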
diff --git a/server/ctrl/session.go b/server/ctrl/session.go
index dad60ea0..f0d395e3 100644
--- a/server/ctrl/session.go
+++ b/server/ctrl/session.go
@@ -320,7 +320,7 @@ func SessionAuthMiddleware(ctx *App, res http.ResponseWriter, req *http.Request)
 // Step2: End of the authentication process. Could come from:
 // - target of a html form. eg: ldap, mysql, ...
 // - identity provider redirection uri. eg: oauth2, openid, ...
- templateBind, err := plugin.Callback(formData, idpParams, res)
+ pluginCallback, err := plugin.Callback(formData, idpParams, res)
 if err == ErrAuthenticationFailed {
 Log.Warning("failed authentication - %s", err.Error())
 http.Redirect(
@@ -340,7 +340,7 @@ func SessionAuthMiddleware(ctx *App, res http.ResponseWriter, req *http.Request)
 } else if err != nil { // response handled directly within a plugin
 return
 }
- templateBind = TmplParams(templateBind)
+ templateBind := TmplParams(pluginCallback)
 
 var (
 label = ""
@@ -426,6 +426,12 @@ func SessionAuthMiddleware(ctx *App, res http.ResponseWriter, req *http.Request)
 mappingToUse[k] = out
 }
 mappingToUse["timestamp"] = time.Now().Format(time.RFC3339)
+ if label != "" && Config.Get("general.extended_session").Bool() {
+ pluginCallback["label"] = label
+ if jsonStr, err := json.Marshal(pluginCallback); err == nil {
+ mappingToUse["session"] = string(jsonStr)
+ }
+ }
 return mappingToUse, nil
 }(templateBind)
 if err != nil {
diff --git a/server/ctrl/tmpl.go b/server/ctrl/tmpl.go
index 3768b3c3..71e46244 100644
--- a/server/ctrl/tmpl.go
+++ b/server/ctrl/tmpl.go
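Review bot: In the third session.go hunk (`@@ -426,6 +426,12 @@`) the whole `pluginCallback` map is marshalled into `mappingToUse["session"]` with no allow-list, so every value an auth plugin returns ends up in the session. That may include form credentials, since the Step2 comment names html-form plugins such as ldap and mysql, although which keys plugins return is not visible here. The `json.Marshal` error is also dropped silently, so code that later reads `session` for authorisation cannot tell "option disabled" from "encoding failed". In addition, `pluginCallback["label"] = label` writes into the plugin's own map. I would build a filtered copy and log and return the error, as sketched below; `password` is an assumed key name borrowed from GenerateID's skip list. The enclosing closure and SessionAuthMiddleware begin outside the hunk.

```go
// … unchanged: mapping loop and timestamp assignment …
if label != "" && Config.Get("general.extended_session").Bool() {
	extended := map[string]string{}
	for k, v := range pluginCallback {
		if k == "password" { // assumed key name; confirm against the auth plugins
			continue
		}
		extended[k] = v
	}
	extended["label"] = label
	jsonStr, err := json.Marshal(extended)
	if err != nil {
		Log.Warning("extended session not stored - %s", err.Error())
		return mappingToUse, err
	}
	mappingToUse["session"] = string(jsonStr)
}
return mappingToUse, nil
```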
@@ -38,14 +38,18 @@ func TmplExec(params string, input map[string]string) (string, error) {
 }
 
 func TmplParams(data map[string]string) map[string]string {
- data["machine_id"] = GenerateMachineID()
+ out := map[string]string{}
+ for key, value := range data {
+ out[key] = value
+ }
+ out["machine_id"] = GenerateMachineID()
 for _, value := range os.Environ() {
 pair := strings.SplitN(value, "=", 2)
 if len(pair) == 2 {
- data[fmt.Sprintf("ENV_%s", pair[0])] = pair[1]
+ out[fmt.Sprintf("ENV_%s", pair[0])] = pair[1]
 }
 }
- return data
+ return out
 }
 
 var tmplFuncs = template.FuncMap{
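Review bot: TmplParams has no doc comment saying that it no longer mutates `data`, yet the session.go change in this patch depends on exactly that. `pluginCallback` is marshalled into the session after being passed here, so a later return to in-place writes would put `machine_id` and every `ENV_*` variable of the process into the stored session. I would add `// TmplParams returns a copy of data extended with machine_id and ENV_<name> entries; it never writes to data, which callers may persist.` above the function. As a minor point, plugin-supplied keys named `machine_id` or `ENV_*` are overwritten by the process values, which looks like the safe direction and is worth keeping.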