From 0518bac62eaa4d71ddd75b36625562295be29b1f Mon Sep 17 00:00:00 2001 From: Rory Powell Date: Tue, 28 Sep 2021 16:35:31 +0100 Subject: [PATCH] Set cookie domain to fix logout --- .../kubernetes/budibase/{ => templates}/.helmignore | 0 .../budibase/templates/app-service-deployment.yaml | 2 ++ .../templates/worker-service-deployment.yaml | 2 ++ hosting/kubernetes/budibase/values.yaml | 1 + packages/auth/src/environment.js | 1 + packages/auth/src/utils.js | 12 ++++++++++-- 6 files changed, 16 insertions(+), 2 deletions(-) rename hosting/kubernetes/budibase/{ => templates}/.helmignore (100%) diff --git a/hosting/kubernetes/budibase/.helmignore b/hosting/kubernetes/budibase/templates/.helmignore similarity index 100% rename from hosting/kubernetes/budibase/.helmignore rename to hosting/kubernetes/budibase/templates/.helmignore diff --git a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml index b101ab7854..5d9aee2619 100644 --- a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml +++ b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml @@ -94,6 +94,8 @@ spec: value: {{ .Values.globals.sentryDSN }} - name: WORKER_URL value: worker-service:{{ .Values.services.worker.port }} + - name: COOKIE_DOMAIN + value: {{ .Values.globals.cookieDomain | quote }} image: budibase/apps imagePullPolicy: Always name: bbapps diff --git a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml index 6c165872c8..98a921a8a6 100644 --- a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml +++ b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml @@ -89,6 +89,8 @@ spec: value: {{ .Values.globals.selfHosted | quote }} - name: ACCOUNT_PORTAL_URL value: {{ .Values.globals.accountPortalUrl | quote }} + - name: COOKIE_DOMAIN + value: {{ .Values.globals.cookieDomain | quote }} image: budibase/worker imagePullPolicy: Always name: bbworker diff --git a/hosting/kubernetes/budibase/values.yaml b/hosting/kubernetes/budibase/values.yaml index 1113842c8b..c9b2549b30 100644 --- a/hosting/kubernetes/budibase/values.yaml +++ b/hosting/kubernetes/budibase/values.yaml @@ -90,6 +90,7 @@ globals: logLevel: info selfHosted: 1 accountPortalUrL: "" + cookieDomain: "" createSecrets: true # creates an internal API key, JWT secrets and redis password for you # if createSecrets is set to false, you can hard-code your secrets here diff --git a/packages/auth/src/environment.js b/packages/auth/src/environment.js index bae5c65a1b..da24afc8a0 100644 --- a/packages/auth/src/environment.js +++ b/packages/auth/src/environment.js @@ -22,6 +22,7 @@ module.exports = { MULTI_TENANCY: process.env.MULTI_TENANCY, ACCOUNT_PORTAL_URL: process.env.ACCOUNT_PORTAL_URL, SELF_HOSTED: !!parseInt(process.env.SELF_HOSTED), + COOKIE_DOMAIN: process.env.COOKIE_DOMAIN, isTest, _set(key, value) { process.env[key] = value diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js index 5936948fd7..f03ae300f7 100644 --- a/packages/auth/src/utils.js +++ b/packages/auth/src/utils.js @@ -4,6 +4,7 @@ const { options } = require("./middleware/passport/jwt") const { createUserEmailView } = require("./db/views") const { Headers } = require("./constants") const { getGlobalDB } = require("./tenancy") +const environment = require("./environment") const APP_PREFIX = DocumentTypes.APP + SEPARATOR @@ -70,12 +71,19 @@ exports.setCookie = (ctx, value, name = "builder") => { ctx.cookies.set(name) } else { value = jwt.sign(value, options.secretOrKey) - ctx.cookies.set(name, value, { + + const config = { maxAge: Number.MAX_SAFE_INTEGER, path: "/", httpOnly: false, overwrite: true, - }) + } + + if (environment.COOKIE_DOMAIN) { + config.domain = environment.COOKIE_DOMAIN + } + + ctx.cookies.set(name, value, config) } }