Skip to content

Commit

Permalink
fixes more files
Browse files Browse the repository at this point in the history
  • Loading branch information
rishabhpoddar committed Nov 23, 2023
1 parent 85f3f3f commit 98b60f9
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 4 deletions.
12 changes: 10 additions & 2 deletions recipe/session/recipe.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,13 +56,21 @@ func MakeRecipe(recipeId string, appInfo supertokens.NormalisedAppinfo, config *
return Recipe{}, configError
}

supertokens.LogDebugMessage("session init: AntiCsrf: " + verifiedConfig.AntiCsrf)
if config.AntiCsrf == nil {
supertokens.LogDebugMessage("session init: AntiCsrf: function")
} else {
supertokens.LogDebugMessage("session init: AntiCsrf: " + *config.AntiCsrf)
}
if verifiedConfig.CookieDomain != nil {
supertokens.LogDebugMessage("session init: CookieDomain: " + *verifiedConfig.CookieDomain)
} else {
supertokens.LogDebugMessage("session init: CookieDomain: nil")
}
supertokens.LogDebugMessage("session init: CookieSameSite: " + verifiedConfig.CookieSameSite)
if config.CookieSameSite == nil {
supertokens.LogDebugMessage("session init: CookieSameSite: default function")
} else {
supertokens.LogDebugMessage("session init: CookieSameSite: " + *config.CookieSameSite)
}
supertokens.LogDebugMessage("session init: CookieSecure: " + strconv.FormatBool(verifiedConfig.CookieSecure))
supertokens.LogDebugMessage("session init: RefreshTokenPath: " + verifiedConfig.RefreshTokenPath.GetAsStringDangerous())
supertokens.LogDebugMessage("session init: SessionExpiredStatusCode: " + strconv.Itoa(verifiedConfig.SessionExpiredStatusCode))
Expand Down
4 changes: 2 additions & 2 deletions recipe/session/recipeImplementation.go
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ func MakeRecipeImplementation(querier supertokens.Querier, config sessmodels.Typ
// In all cases if sIdRefreshToken token exists (so it's a legacy session) we return TRY_REFRESH_TOKEN. The refresh endpoint will clear this cookie and try to upgrade the session.
// Check https://supertokens.com/docs/contribute/decisions/session/0007 for further details and a table of expected behaviours
getSession := func(accessTokenString *string, antiCsrfToken *string, options *sessmodels.VerifySessionOptions, userContext supertokens.UserContext) (sessmodels.SessionContainer, error) {
if options != nil && options.AntiCsrfCheck != nil && *options.AntiCsrfCheck != false && config.AntiCsrf == AntiCSRF_VIA_CUSTOM_HEADER {
if options != nil && options.AntiCsrfCheck != nil && *options.AntiCsrfCheck != false && config.AntiCsrfFunctionOrString.FunctionValue == nil && config.AntiCsrfFunctionOrString.StrValue == AntiCSRF_VIA_CUSTOM_HEADER {
return nil, defaultErrors.New("Since the anti-csrf mode is VIA_CUSTOM_HEADER getSession can't check the CSRF token. Please either use VIA_TOKEN or set antiCsrfCheck to false")
}

Expand Down Expand Up @@ -288,7 +288,7 @@ func MakeRecipeImplementation(querier supertokens.Querier, config sessmodels.Typ
}

refreshSession := func(refreshToken string, antiCsrfToken *string, disableAntiCsrf bool, userContext supertokens.UserContext) (sessmodels.SessionContainer, error) {
if disableAntiCsrf != true && config.AntiCsrf == AntiCSRF_VIA_CUSTOM_HEADER {
if disableAntiCsrf != true && config.AntiCsrfFunctionOrString.FunctionValue == nil && config.AntiCsrfFunctionOrString.StrValue == AntiCSRF_VIA_CUSTOM_HEADER {
return nil, defaultErrors.New("Since the anti-csrf mode is VIA_CUSTOM_HEADER getSession can't check the CSRF token. Please either use VIA_TOKEN or set antiCsrfCheck to false")
}

Expand Down

0 comments on commit 98b60f9

Please sign in to comment.