forked from gitea/gitea
Use common sessioner for API and web routes (#18114)
* Use common sessioner for API and web routes Since the regenerate session ID PR some users of the memory session provider have been reporting difficulties with getting API results. I am uncertain as to why this is happening - but I think that the sessioner being created twice may be a potential cause for this. Therefore this PR attempts to move this out to a common sessioner as it is in 1.16. Fix #18070 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update routers/init.go
This commit is contained in:
parent
353d88a42e
commit
de3216ee55
|
@ -87,7 +87,6 @@ import (
|
||||||
"code.gitea.io/gitea/services/forms"
|
"code.gitea.io/gitea/services/forms"
|
||||||
|
|
||||||
"gitea.com/go-chi/binding"
|
"gitea.com/go-chi/binding"
|
||||||
"gitea.com/go-chi/session"
|
|
||||||
"github.com/go-chi/cors"
|
"github.com/go-chi/cors"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -547,20 +546,10 @@ func bind(obj interface{}) http.HandlerFunc {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Routes registers all v1 APIs routes to web application.
|
// Routes registers all v1 APIs routes to web application.
|
||||||
func Routes() *web.Route {
|
func Routes(sessioner func(next http.Handler) http.Handler) *web.Route {
|
||||||
var m = web.NewRoute()
|
var m = web.NewRoute()
|
||||||
|
|
||||||
m.Use(session.Sessioner(session.Options{
|
m.Use(sessioner)
|
||||||
Provider: setting.SessionConfig.Provider,
|
|
||||||
ProviderConfig: setting.SessionConfig.ProviderConfig,
|
|
||||||
CookieName: setting.SessionConfig.CookieName,
|
|
||||||
CookiePath: setting.SessionConfig.CookiePath,
|
|
||||||
Gclifetime: setting.SessionConfig.Gclifetime,
|
|
||||||
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
|
||||||
Secure: setting.SessionConfig.Secure,
|
|
||||||
SameSite: setting.SessionConfig.SameSite,
|
|
||||||
Domain: setting.SessionConfig.Domain,
|
|
||||||
}))
|
|
||||||
m.Use(securityHeaders())
|
m.Use(securityHeaders())
|
||||||
if setting.CORSConfig.Enabled {
|
if setting.CORSConfig.Enabled {
|
||||||
m.Use(cors.Handler(cors.Options{
|
m.Use(cors.Handler(cors.Options{
|
||||||
|
|
|
@ -40,6 +40,8 @@ import (
|
||||||
pull_service "code.gitea.io/gitea/services/pull"
|
pull_service "code.gitea.io/gitea/services/pull"
|
||||||
"code.gitea.io/gitea/services/repository"
|
"code.gitea.io/gitea/services/repository"
|
||||||
"code.gitea.io/gitea/services/webhook"
|
"code.gitea.io/gitea/services/webhook"
|
||||||
|
|
||||||
|
"gitea.com/go-chi/session"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewServices init new services
|
// NewServices init new services
|
||||||
|
@ -144,8 +146,20 @@ func NormalRoutes() *web.Route {
|
||||||
r.Use(middle)
|
r.Use(middle)
|
||||||
}
|
}
|
||||||
|
|
||||||
r.Mount("/", web_routers.Routes())
|
sessioner := session.Sessioner(session.Options{
|
||||||
r.Mount("/api/v1", apiv1.Routes())
|
Provider: setting.SessionConfig.Provider,
|
||||||
|
ProviderConfig: setting.SessionConfig.ProviderConfig,
|
||||||
|
CookieName: setting.SessionConfig.CookieName,
|
||||||
|
CookiePath: setting.SessionConfig.CookiePath,
|
||||||
|
Gclifetime: setting.SessionConfig.Gclifetime,
|
||||||
|
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
||||||
|
Secure: setting.SessionConfig.Secure,
|
||||||
|
SameSite: setting.SessionConfig.SameSite,
|
||||||
|
Domain: setting.SessionConfig.Domain,
|
||||||
|
})
|
||||||
|
|
||||||
|
r.Mount("/", web_routers.Routes(sessioner))
|
||||||
|
r.Mount("/api/v1", apiv1.Routes(sessioner))
|
||||||
r.Mount("/api/internal", private.Routes())
|
r.Mount("/api/internal", private.Routes())
|
||||||
return r
|
return r
|
||||||
}
|
}
|
||||||
|
|
|
@ -39,7 +39,6 @@ import (
|
||||||
_ "code.gitea.io/gitea/modules/session"
|
_ "code.gitea.io/gitea/modules/session"
|
||||||
|
|
||||||
"gitea.com/go-chi/captcha"
|
"gitea.com/go-chi/captcha"
|
||||||
"gitea.com/go-chi/session"
|
|
||||||
"github.com/NYTimes/gziphandler"
|
"github.com/NYTimes/gziphandler"
|
||||||
"github.com/go-chi/chi/middleware"
|
"github.com/go-chi/chi/middleware"
|
||||||
"github.com/go-chi/cors"
|
"github.com/go-chi/cors"
|
||||||
|
@ -71,7 +70,7 @@ func CorsHandler() func(next http.Handler) http.Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Routes returns all web routes
|
// Routes returns all web routes
|
||||||
func Routes() *web.Route {
|
func Routes(sessioner func(next http.Handler) http.Handler) *web.Route {
|
||||||
routes := web.NewRoute()
|
routes := web.NewRoute()
|
||||||
|
|
||||||
routes.Use(public.AssetsHandler(&public.Options{
|
routes.Use(public.AssetsHandler(&public.Options{
|
||||||
|
@ -80,17 +79,7 @@ func Routes() *web.Route {
|
||||||
CorsHandler: CorsHandler(),
|
CorsHandler: CorsHandler(),
|
||||||
}))
|
}))
|
||||||
|
|
||||||
routes.Use(session.Sessioner(session.Options{
|
routes.Use(sessioner)
|
||||||
Provider: setting.SessionConfig.Provider,
|
|
||||||
ProviderConfig: setting.SessionConfig.ProviderConfig,
|
|
||||||
CookieName: setting.SessionConfig.CookieName,
|
|
||||||
CookiePath: setting.SessionConfig.CookiePath,
|
|
||||||
Gclifetime: setting.SessionConfig.Gclifetime,
|
|
||||||
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
|
||||||
Secure: setting.SessionConfig.Secure,
|
|
||||||
SameSite: setting.SessionConfig.SameSite,
|
|
||||||
Domain: setting.SessionConfig.Domain,
|
|
||||||
}))
|
|
||||||
|
|
||||||
routes.Use(Recovery())
|
routes.Use(Recovery())
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue