Auth route /whoami for nginx subrequest auth, support changing the session cookie domain for that purpose

2023-11-08 09:36:30 +00:00
parent 54db8727b0
commit 93cd897b0e
6 changed files with 20 additions and 4 deletions
--- a/lib/sso_bsn_web/controllers/openid/authorize_controller.ex
+++ b/lib/sso_bsn_web/controllers/openid/authorize_controller.ex
@@ -7,8 +7,7 @@ defmodule SsoBsnWeb.Openid.AuthorizeController do
  alias Boruta.Oauth.Error
  alias Boruta.Oauth.ResourceOwner
  alias SsoBsnWeb.UserAuth
-  alias SsoBsnWeb.Openid.AuthorizeView
-
+  
  def oauth_module, do: Application.get_env(:sso_bsn, :oauth_module, Boruta.Oauth)

  def authorize(%Plug.Conn{} = conn, _params) do
--- a/lib/sso_bsn_web/controllers/user_session_controller.ex
+++ b/lib/sso_bsn_web/controllers/user_session_controller.ex
@@ -23,4 +23,13 @@ defmodule SsoBsnWeb.UserSessionController do
    |> put_flash(:info, "Logged out successfully.")
    |> UserAuth.log_out_user()
  end
+
+  def check_auth(conn, _params) do
+    user = conn.assigns[:current_user]
+    conn
+    |> put_resp_header("X-Auth-Username", user.username)
+    |> json(%{
+      username: user.username
+    })
+  end
 end