fix: names of cookies with a colon [#587]

ytsaurus · May 29, 2024 · 79a4254 · 79a4254
1 parent bc06aec
commit 79a4254
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 7 deletions.
diff --git a/packages/ui/src/server/components/yt-auth.ts b/packages/ui/src/server/components/yt-auth.ts
@@ -2,6 +2,7 @@ import {AppConfig} from '@gravity-ui/nodekit';
 import type {Response} from 'express';
 import {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';
 import {getClustersFromConfig} from './utils';
+import {makeAuthClusterCookieName} from '../utils';
 
 export function isYtAuthEnabled(config: AppConfig) {
     return Boolean(config.allowPasswordAuth);
@@ -14,7 +15,7 @@ export function YTAuthLogout(res: Response) {
         'set-cookie',
         [`${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`].concat(
             Object.keys(clusters).map(
-                (cluster) => `${cluster}:${YT_CYPRESS_COOKIE_NAME}=deleted; Path=/; Max-Age=0;`,
+                (cluster) => `${makeAuthClusterCookieName(cluster)}=deleted; Path=/; Max-Age=0;`,
             ),
         ),
     );

diff --git a/packages/ui/src/server/controllers/clusters.ts b/packages/ui/src/server/controllers/clusters.ts
@@ -1,6 +1,5 @@
 import type {Request, Response} from 'express';
-import {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';
-import {sendError, sendResponse} from '../utils';
+import {makeAuthClusterCookieName, sendError, sendResponse} from '../utils';
 import {getVersions} from '../components/cluster-queries';
 import {getClustersFromConfig} from '../components/utils';
 
@@ -24,7 +23,7 @@ export function clusterAuthStatus(req: Request, res: Response) {
 
         data = Object.keys(clusters).reduce((ret, cluster) => {
             ret[cluster] = {
-                authorized: Boolean(req.cookies[`${cluster}:${YT_CYPRESS_COOKIE_NAME}`]),
+                authorized: Boolean(req.cookies[makeAuthClusterCookieName(cluster)]),
             };
 
             return ret;

diff --git a/packages/ui/src/server/controllers/login.ts b/packages/ui/src/server/controllers/login.ts
@@ -3,7 +3,12 @@ import axios from 'axios';
 import _ from 'lodash';
 import {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';
 import {getUserYTApiSetup, getYTApiClusterSetup} from '../components/requestsSetup';
-import {UNEXPECTED_PIPE_AXIOS_RESPONSE, pipeAxiosResponse, sendAndLogError} from '../utils';
+import {
+    UNEXPECTED_PIPE_AXIOS_RESPONSE,
+    makeAuthClusterCookieName,
+    pipeAxiosResponse,
+    sendAndLogError,
+} from '../utils';
 import crypto from 'crypto';
 
 // @ts-ignore
@@ -50,7 +55,7 @@ export async function handleLogin(req: Request, res: Response) {
                                         ret.push(
                                             item.replace(
                                                 YT_CYPRESS_COOKIE_NAME,
-                                                `${ytAuthCluster}:${YT_CYPRESS_COOKIE_NAME}`,
+                                                makeAuthClusterCookieName(ytAuthCluster),
                                             ),
                                         );
                                     }

diff --git a/packages/ui/src/server/middlewares/yt-auth.ts b/packages/ui/src/server/middlewares/yt-auth.ts
@@ -1,12 +1,13 @@
 import type {Request, Response} from 'express';
 import {AppMiddleware} from '@gravity-ui/expresskit';
 import {YT_CYPRESS_COOKIE_NAME, YT_UI_CLUSTER_HEADER_NAME} from '../../shared/constants';
+import {makeAuthClusterCookieName} from '../utils';
 
 export function createYTAuthorizationResolver(): AppMiddleware {
     return async function resolveYTAuthorization(req: Request, res: Response, next) {
         const {ytAuthCluster} = req.params;
 
-        const secret: string = req.cookies[`${ytAuthCluster}:${YT_CYPRESS_COOKIE_NAME}`];
+        const secret: string = req.cookies[makeAuthClusterCookieName(ytAuthCluster)];
 
         if (ytAuthCluster) {
             res.setHeader(YT_UI_CLUSTER_HEADER_NAME, ytAuthCluster);

diff --git a/packages/ui/src/server/utils/index.ts b/packages/ui/src/server/utils/index.ts
@@ -5,6 +5,7 @@ import {AxiosError, AxiosResponse} from 'axios';
 import {AppContext} from '@gravity-ui/nodekit';
 import {isYTError} from '../../shared/utils';
 import {getApp} from '../ServerFactory';
+import {YT_CYPRESS_COOKIE_NAME} from '../../shared/constants';
 import path from 'path';
 
 export function isProductionEnv() {
@@ -200,3 +201,7 @@ export async function sendAndLogError(
 
     return res.status(status || 500).send({message: JSON.stringify(e)});
 }
+
+export const makeAuthClusterCookieName = (ytAuthCluster: string) => {
+    return `${ytAuthCluster}_${YT_CYPRESS_COOKIE_NAME}`;
+};