New: Use instance name in forms authentication cookie name

Closes #10416
pull/10418/head^2
Mark McDowall 4 months ago committed by Bogdan
parent 2fc32189d8
commit 5757fa797f

@ -1,7 +1,10 @@
using System; using System;
using System.Web;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using NzbDrone.Core.Authentication; using NzbDrone.Core.Authentication;
using NzbDrone.Core.Configuration;
namespace Radarr.Http.Authentication namespace Radarr.Http.Authentication
{ {
@ -29,19 +32,25 @@ namespace Radarr.Http.Authentication
public static AuthenticationBuilder AddAppAuthentication(this IServiceCollection services) public static AuthenticationBuilder AddAppAuthentication(this IServiceCollection services)
{ {
return services.AddAuthentication() services.AddOptions<CookieAuthenticationOptions>(AuthenticationType.Forms.ToString())
.AddNone(AuthenticationType.None.ToString()) .Configure<IConfigFileProvider>((options, configFileProvider) =>
.AddExternal(AuthenticationType.External.ToString())
.AddBasic(AuthenticationType.Basic.ToString())
.AddCookie(AuthenticationType.Forms.ToString(), options =>
{ {
options.Cookie.Name = "RadarrAuth"; // Url Encode the cookie name to account for spaces or other invalid characters in the configured instance name
var instanceName = HttpUtility.UrlEncode(configFileProvider.InstanceName);
options.Cookie.Name = $"{instanceName}Auth";
options.AccessDeniedPath = "/login?loginFailed=true"; options.AccessDeniedPath = "/login?loginFailed=true";
options.LoginPath = "/login"; options.LoginPath = "/login";
options.ExpireTimeSpan = TimeSpan.FromDays(7); options.ExpireTimeSpan = TimeSpan.FromDays(7);
options.SlidingExpiration = true; options.SlidingExpiration = true;
options.ReturnUrlParameter = "returnUrl"; options.ReturnUrlParameter = "returnUrl";
}) });
return services.AddAuthentication()
.AddNone(AuthenticationType.None.ToString())
.AddExternal(AuthenticationType.External.ToString())
.AddBasic(AuthenticationType.Basic.ToString())
.AddCookie(AuthenticationType.Forms.ToString())
.AddApiKey("API", options => .AddApiKey("API", options =>
{ {
options.HeaderName = "X-Api-Key"; options.HeaderName = "X-Api-Key";

Loading…
Cancel
Save