Fixed user session initialization on login with reverse proxy header

Gitea does not initialize user session after login using reverse proxy header. This fixes it. Fixes: 27dc5a1 Author-Change-Id: IB#1104925
ibpl · Oct 20, 2020 · 45ea55d · 45ea55d
1 parent 27dc5a1
commit 45ea55d
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/modules/auth/sso/reverseproxy.go b/modules/auth/sso/reverseproxy.go
@@ -98,6 +98,17 @@ func (r *ReverseProxy) VerifyAuthData(ctx *macaron.Context, sess session.Store)
 		}
 	}
 
+	ctx.SetCookie("lang", user.Language, nil, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
+
+	// Clear whatever CSRF has right now, force to generate a new one.
+	ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
+
+	// Register last login.
+	user.SetLastLogin()
+	if err = models.UpdateUserCols(user, false, "last_login_unix"); err != nil {
+		log.Error(fmt.Sprintf("VerifyAuthData: error updating user last login time [user: %d]", user.ID))
+	}
+
 	return user
 }