properly redirect successful auth requests to the target uri

author: mia <mia@mia.jetzt> 2024-07-19 17:46:50 -0700
committer: mia <mia@mia.jetzt> 2024-07-19 17:46:50 -0700
commit: 3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af (patch)
tree: 9f9b7d47755ee131ce44e4c51d418f74610f0891 /nginx/sync.py
parent: 8886f4e5af15feb05b872b633dbb6bb169b44017 (diff)
download: asylum-3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af.tar.gz
asylum-3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/nginx/sync.py b/nginx/sync.py
index 9b02c45..9d81a39 100644
--- a/nginx/sync.py
+++ b/nginx/sync.py
@@ -12,7 +12,7 @@ handoff = map(lambda line: spacing_pattern.sub(r"\1 ", line), handoff)
 handoff = "".join(handoff).replace('"', '\\"').replace("$", "${dollar}")
 
 auth_check = """if ($cookie___proxy_token = "") {
-            return 303 https://$host/.nginx/handoff.html;
+            return 303 https://$host/.nginx/handoff.html#$request_uri;
         }
         auth_request /.nginx/auth;"""
 
@@ -34,7 +34,7 @@ auth_locations = (
             }
 
             location /.nginx/cookie {
-                add_header Set-Cookie "__proxy_token=${arg_token}; max-age=${arg_max_age}; path=/; httponly; secure";
+                add_header Set-Cookie "__proxy_token=${arg_token}; max-age=${arg_max_age}; path=/; httponly; samesite=lax; secure";
                 return 200;
             }"""
 )
author	mia <mia@mia.jetzt>	2024-07-19 17:46:50 -0700
committer	mia <mia@mia.jetzt>	2024-07-19 17:46:50 -0700
commit	3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af (patch)
tree	9f9b7d47755ee131ce44e4c51d418f74610f0891 /nginx/sync.py
parent	8886f4e5af15feb05b872b633dbb6bb169b44017 (diff)
download	asylum-3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af.tar.gz asylum-3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af.zip