Skip to content

Commit

Permalink
added more unique req headers coming from travelling.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Phara0h
Phara0h committed Apr 7, 2021
1 parent ebff1a0 commit a77da6e
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 7 deletions.
14 changes: 7 additions & 7 deletions include/server/router.js
View file
Expand Up @@ -130,15 +130,15 @@ class Router {
// sets user id cookie every time to protect against tampering.
if (authenticated && config.proxy.sendTravellingHeaders) {
if (config.user.username.enabled) {
req.headers['un'] = sessionUser.username;
req.headers['t-user'] = sessionUser.username;
}

req.headers['gn'] = routedGroup.name;
req.headers['gt'] = routedGroup.type;
req.headers['do'] = sessionUser.domain;
req.headers['uid'] = sessionUser.id;
req.headers['em'] = sessionUser.email;
req.headers['perm'] = r.name;
req.headers['t-grpn'] = routedGroup.name;
req.headers['t-grpt'] = routedGroup.type;
req.headers['t-dom'] = sessionUser.domain;
req.headers['t-id'] = sessionUser.id;
req.headers['t-email'] = sessionUser.email;
req.headers['t-perm'] = r.name;
}

if (req.raw.url.indexOf('/' + config.serviceName + '/') == 0 && !r.host) {
Expand Down
1 change: 1 addition & 0 deletions include/utils/auth.js
View file
Expand Up @@ -33,6 +33,7 @@ var checkAuthHeader = async (req, res, router) => {
return false;
}

// Maybe optomize this with sessions?
var user = await TokenHandler.checkAccessToken(splitAuth[1]);

if (!user) {
Expand Down

0 comments on commit a77da6e

Please sign in to comment.