From 421b003218422f53a12b4a45b2e5687dcb25cad6 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Wed, 11 May 2022 10:08:38 +0200
Subject: [PATCH] internal: set path on cookie for proxy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2305
---
 internal/outpost/proxyv2/application/application.go | 2 +-
 internal/outpost/proxyv2/application/session.go     | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go
index fd67a4181..470b2a7a5 100644
--- a/internal/outpost/proxyv2/application/application.go
+++ b/internal/outpost/proxyv2/application/application.go
@@ -96,7 +96,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
 		errorTemplates: templates.GetTemplates(),
 		ak:             ak,
 	}
-	a.sessions = a.getStore(p)
+	a.sessions = a.getStore(p, externalHost)
 	mux.Use(web.NewLoggingHandler(muxLogger, func(l *log.Entry, r *http.Request) *log.Entry {
 		s, err := a.sessions.Get(r, constants.SeesionName)
 		if err != nil {
diff --git a/internal/outpost/proxyv2/application/session.go b/internal/outpost/proxyv2/application/session.go
index 8b04f1741..f65800394 100644
--- a/internal/outpost/proxyv2/application/session.go
+++ b/internal/outpost/proxyv2/application/session.go
@@ -3,6 +3,7 @@ package application
 import (
 	"fmt"
 	"math"
+	"net/url"
 	"os"
 	"strconv"
 
@@ -12,7 +13,7 @@ import (
 	"gopkg.in/boj/redistore.v1"
 )
 
-func (a *Application) getStore(p api.ProxyOutpostConfig) sessions.Store {
+func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL) sessions.Store {
 	var store sessions.Store
 	if config.G.Redis.Host != "" {
 		rs, err := redistore.NewRediStoreWithDB(10, "tcp", fmt.Sprintf("%s:%d", config.G.Redis.Host, config.G.Redis.Port), config.G.Redis.Password, strconv.Itoa(config.G.Redis.OutpostSessionDB), []byte(*p.CookieSecret))
@@ -27,6 +28,7 @@ func (a *Application) getStore(p api.ProxyOutpostConfig) sessions.Store {
 		} else {
 			rs.SetMaxAge(0)
 		}
+		rs.Options.Path = externalHost.Path
 		rs.Options.Domain = *p.CookieDomain
 		a.log.Debug("using redis session backend")
 		store = rs
@@ -47,6 +49,7 @@ func (a *Application) getStore(p api.ProxyOutpostConfig) sessions.Store {
 		} else {
 			cs.MaxAge(0)
 		}
+		cs.Options.Path = externalHost.Path
 		cs.Options.Domain = *p.CookieDomain
 		a.log.WithField("dir", dir).Debug("using filesystem session backend")
 		store = cs