diff options
author | Jakob Borg <jakob@kastelo.net> | 2024-01-04 11:07:12 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-01-04 10:07:12 +0000 |
commit | aa901790b99e13c6cbf2bb3fda9b8ba3b765d700 (patch) | |
tree | 76ca687c3fefe3701de174ad9a17136fe6b23b70 /proto | |
parent | 17df4b8634b55cee8961480272daca70e30009ed (diff) | |
download | syncthing-aa901790b99e13c6cbf2bb3fda9b8ba3b765d700.tar.gz syncthing-aa901790b99e13c6cbf2bb3fda9b8ba3b765d700.zip |
lib/api: Save session & CSRF tokens to database, add option to stay logged in (fixes #9151) (#9284)
This adds a "token manager" which handles storing and checking expired
tokens, used for both sessions and CSRF tokens. It removes the old,
corresponding functionality for CSRFs which saved things in a file. The
result is less crap in the state directory, and active login sessions
now survive a Syncthing restart (this really annoyed me).
It also adds a boolean on login to create a longer-lived session cookie,
which is now possible and useful. Thus we can remain logged in over
browser restarts, which was also annoying... :)
<img width="1001" alt="Screenshot 2023-12-12 at 09 56 34"
src="https://github.com/syncthing/syncthing/assets/125426/55cb20c8-78fc-453e-825d-655b94c8623b">
Best viewed with whitespace-insensitive diff, as a bunch of the auth
functions became methods instead of closures which changed indentation.
Diffstat (limited to 'proto')
-rw-r--r-- | proto/generate.go | 2 | ||||
-rw-r--r-- | proto/lib/api/tokenset.proto | 8 |
2 files changed, 9 insertions, 1 deletions
diff --git a/proto/generate.go b/proto/generate.go index 03be4522e..c264868d8 100644 --- a/proto/generate.go +++ b/proto/generate.go @@ -26,7 +26,7 @@ import ( // Inception, go generate calls the script itself that then deals with generation. // This is only done because go:generate does not support wildcards in paths. -//go:generate go run generate.go lib/protocol lib/config lib/fs lib/db lib/discover +//go:generate go run generate.go lib/protocol lib/config lib/fs lib/db lib/discover lib/api func main() { for _, path := range os.Args[1:] { diff --git a/proto/lib/api/tokenset.proto b/proto/lib/api/tokenset.proto new file mode 100644 index 000000000..bf3ff0842 --- /dev/null +++ b/proto/lib/api/tokenset.proto @@ -0,0 +1,8 @@ +syntax = "proto3"; + +package api; + +message TokenSet { + // token -> expiry time (epoch nanoseconds) + map<string, int64> tokens = 1; +} |