feat: read cookies in the new API auth module (#665)

determined-ai · Jun 5, 2020 · f604a28 · f604a28
1 parent 9da1063
commit f604a28
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/master/internal/grpc/api.go b/master/internal/grpc/api.go
@@ -67,6 +67,11 @@ func RegisterHTTPProxy(e *echo.Echo, port int) error {
 	}
 	e.Any("/api/v1/*", func(c echo.Context) error {
 		request := c.Request()
+		if c.Request().Header.Get("Authorization") == "" {
+			if cookie, err := c.Cookie(cookieName); err == nil {
+				request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", cookie.Value))
+			}
+		}
 		if _, ok := request.URL.Query()["pretty"]; ok {
 			request.Header.Set("Accept", jsonPretty)
 		}

diff --git a/master/internal/grpc/auth.go b/master/internal/grpc/auth.go
@@ -23,6 +23,7 @@ const (
 	// nolint:gosec // These are not potential hardcoded credentials.
 	gatewayTokenHeader = "grpcgateway-authorization"
 	userTokenHeader    = "x-user-token"
+	cookieName         = "auth"
 )
 
 var (
@@ -84,13 +85,13 @@ func userTokenResponse(_ context.Context, w http.ResponseWriter, resp proto.Mess
 	switch r := resp.(type) {
 	case *apiv1.LoginResponse:
 		http.SetCookie(w, &http.Cookie{
-			Name:    "auth",
+			Name:    cookieName,
 			Value:   r.Token,
 			Expires: time.Now().Add(db.SessionDuration),
 		})
 	case *apiv1.LogoutResponse:
 		http.SetCookie(w, &http.Cookie{
-			Name:    "auth",
+			Name:    cookieName,
 			Value:   "",
 			Expires: time.Unix(0, 0),
 		})