SubdomainAppSessionTokenCookie returns the cookie name for the subdomain app session token. This is unique per workspace proxy and is based on a hash of the workspace proxy subdomain hostname. The reason the cookie needs to be unique per workspace proxy is to avoid cookies from one proxy (e.g. the
(hostname string)
| 53 | // |
| 54 | // By using a unique cookie name per workspace proxy, we can avoid this issue. |
| 55 | func SubdomainAppSessionTokenCookie(hostname string) string { |
| 56 | hash := sha256.Sum256([]byte(hostname)) |
| 57 | // 16 bytes of uniqueness is probably enough. |
| 58 | str := hex.EncodeToString(hash[:16]) |
| 59 | return codersdk.SubdomainAppSessionTokenCookie + "_" + str |
| 60 | } |
| 61 | |
| 62 | // AppConnectSessionTokenFromRequest returns the session token from the request |
| 63 | // if it exists. The access method is used to determine which cookie name to |