From 2818f4e0732edeef63cd271875a88e663194fbef Mon Sep 17 00:00:00 2001
From: Mark McDowall <mark@mcdowall.ca>
Date: Sat, 14 Sep 2024 12:47:42 -0700
Subject: [PATCH] New: Use instance name in forms authentication cookie name

(cherry picked from commit 97ebaf279650082c6baee9563ef179921c5ed25a)

Closes #5102
---
 .../AuthenticationBuilderExtensions.cs        | 23 +++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/src/Lidarr.Http/Authentication/AuthenticationBuilderExtensions.cs b/src/Lidarr.Http/Authentication/AuthenticationBuilderExtensions.cs
index ce8a2b652..752e39ce6 100644
--- a/src/Lidarr.Http/Authentication/AuthenticationBuilderExtensions.cs
+++ b/src/Lidarr.Http/Authentication/AuthenticationBuilderExtensions.cs
@@ -1,7 +1,10 @@
 using System;
+using System.Web;
 using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.Extensions.DependencyInjection;
 using NzbDrone.Core.Authentication;
+using NzbDrone.Core.Configuration;
 
 namespace Lidarr.Http.Authentication
 {
@@ -29,19 +32,25 @@ namespace Lidarr.Http.Authentication
 
         public static AuthenticationBuilder AddAppAuthentication(this IServiceCollection services)
         {
-            return services.AddAuthentication()
-                .AddNone(AuthenticationType.None.ToString())
-                .AddExternal(AuthenticationType.External.ToString())
-                .AddBasic(AuthenticationType.Basic.ToString())
-                .AddCookie(AuthenticationType.Forms.ToString(), options =>
+            services.AddOptions<CookieAuthenticationOptions>(AuthenticationType.Forms.ToString())
+                .Configure<IConfigFileProvider>((options, configFileProvider) =>
                 {
-                    options.Cookie.Name = "LidarrAuth";
+                    // Url Encode the cookie name to account for spaces or other invalid characters in the configured instance name
+                    var instanceName = HttpUtility.UrlEncode(configFileProvider.InstanceName);
+
+                    options.Cookie.Name = $"{instanceName}Auth";
                     options.AccessDeniedPath = "/login?loginFailed=true";
                     options.LoginPath = "/login";
                     options.ExpireTimeSpan = TimeSpan.FromDays(7);
                     options.SlidingExpiration = true;
                     options.ReturnUrlParameter = "returnUrl";
-                })
+                });
+
+            return services.AddAuthentication()
+                .AddNone(AuthenticationType.None.ToString())
+                .AddExternal(AuthenticationType.External.ToString())
+                .AddBasic(AuthenticationType.Basic.ToString())
+                .AddCookie(AuthenticationType.Forms.ToString())
                 .AddApiKey("API", options =>
                 {
                     options.HeaderName = "X-Api-Key";