From bf867c3fcf347b3425b52ecd1da8850d2526199b Mon Sep 17 00:00:00 2001 From: Omar Roth Date: Thu, 15 Nov 2018 16:41:43 -0600 Subject: [PATCH] Add cookie sharing with subdomains --- src/invidious.cr | 18 ++++++++++++++---- src/invidious/helpers/helpers.cr | 1 + 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/invidious.cr b/src/invidious.cr index 8c558ccf..87480e12 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -846,8 +846,13 @@ post "/login" do |env| secure = false end - env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.now + 2.years, - secure: secure, http_only: true) + if CONFIG.domain + env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", domain: ".#{CONFIG.domain}", value: sid, expires: Time.now + 2.years, + secure: secure, http_only: true) + else + env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.now + 2.years, + secure: secure, http_only: true) + end else error_message = "Invalid username or password" next templated "error" @@ -891,8 +896,13 @@ post "/login" do |env| secure = false end - env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.now + 2.years, - secure: secure, http_only: true) + if CONFIG.domain + env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", domain: ".#{CONFIG.domain}", value: sid, expires: Time.now + 2.years, + secure: secure, http_only: true) + else + env.response.cookies["SID"] = HTTP::Cookie.new(name: "SID", value: sid, expires: Time.now + 2.years, + secure: secure, http_only: true) + end end env.redirect referer diff --git a/src/invidious/helpers/helpers.cr b/src/invidious/helpers/helpers.cr index 92a2e1b1..aa9c0433 100644 --- a/src/invidious/helpers/helpers.cr +++ b/src/invidious/helpers/helpers.cr @@ -16,6 +16,7 @@ class Config hmac_key: String?, full_refresh: Bool, geo_bypass: Bool, + domain: String?, }) end