Set cookie domain to fix logout

2021-09-28 16:35:31 +01:00 · 2021-09-28 16:35:31 +01:00 · 0518bac62e
parent c03b9afbee
commit 0518bac62e
6 changed files with 16 additions and 2 deletions
--- a/hosting/kubernetes/budibase/templates/.helmignore
+++ b/hosting/kubernetes/budibase/templates/.helmignore
--- a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
+++ b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
@ -94,6 +94,8 @@ spec:
          value: {{ .Values.globals.sentryDSN }}
        - name: WORKER_URL
          value: worker-service:{{ .Values.services.worker.port }}
+        - name: COOKIE_DOMAIN
+          value: {{ .Values.globals.cookieDomain | quote }}
        image: budibase/apps
        imagePullPolicy: Always
        name: bbapps
--- a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
+++ b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
@ -89,6 +89,8 @@ spec:
          value: {{ .Values.globals.selfHosted | quote }}
        - name: ACCOUNT_PORTAL_URL
          value: {{ .Values.globals.accountPortalUrl | quote }}
+        - name: COOKIE_DOMAIN
+          value: {{ .Values.globals.cookieDomain | quote }}
        image: budibase/worker
        imagePullPolicy: Always
        name: bbworker
--- a/hosting/kubernetes/budibase/values.yaml
+++ b/hosting/kubernetes/budibase/values.yaml
@ -90,6 +90,7 @@ globals:
  logLevel: info
  selfHosted: 1
  accountPortalUrL: ""
+  cookieDomain: ""
  createSecrets: true # creates an internal API key, JWT secrets and redis password for you

  # if createSecrets is set to false, you can hard-code your secrets here
--- a/packages/auth/src/environment.js
+++ b/packages/auth/src/environment.js
@ -22,6 +22,7 @@ module.exports = {
  MULTI_TENANCY: process.env.MULTI_TENANCY,
  ACCOUNT_PORTAL_URL: process.env.ACCOUNT_PORTAL_URL,
  SELF_HOSTED: !!parseInt(process.env.SELF_HOSTED),
+  COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
  isTest,
  _set(key, value) {
    process.env[key] = value
--- a/packages/auth/src/utils.js
+++ b/packages/auth/src/utils.js
@ -4,6 +4,7 @@ const { options } = require("./middleware/passport/jwt")
 const { createUserEmailView } = require("./db/views")
 const { Headers } = require("./constants")
 const { getGlobalDB } = require("./tenancy")
+const environment = require("./environment")

 const APP_PREFIX = DocumentTypes.APP + SEPARATOR

@ -70,12 +71,19 @@ exports.setCookie = (ctx, value, name = "builder") => {
    ctx.cookies.set(name)
  } else {
    value = jwt.sign(value, options.secretOrKey)
-    ctx.cookies.set(name, value, {
+
+    const config = {
      maxAge: Number.MAX_SAFE_INTEGER,
      path: "/",
      httpOnly: false,
      overwrite: true,
-    })
+    }
+
+    if (environment.COOKIE_DOMAIN) {
+      config.domain = environment.COOKIE_DOMAIN
+    }
+
+    ctx.cookies.set(name, value, config)
  }
 }