Skip to content

feat: add cookie auth#224

Merged
gsanchietti merged 1 commit intomainfrom
webssh_auth
Mar 3, 2026
Merged

feat: add cookie auth#224
gsanchietti merged 1 commit intomainfrom
webssh_auth

Conversation

@gsanchietti
Copy link
Member

@gsanchietti gsanchietti commented Mar 3, 2026
edited
Loading

This is used to authenticate webssh

Fixes: NethServer/nethsecurity#1546

@gsanchietti gsanchietti requested a review from Copilot March 3, 2026 07:48
Copilot AI reviewed Mar 3, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds cookie-based JWT handling intended to support Traefik ForwardAuth (for webssh) by issuing JWTs via cookies and accepting JWT cookies on the /auth forward-auth endpoints.

Changes:

  • Configure gin-jwt middleware to send JWTs as an ns_jwt cookie.
  • Extend BasicUserAuth to authenticate via ns_jwt cookie before falling back to Basic Auth.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@gsanchietti gsanchietti requested a review from Copilot March 3, 2026 08:25
Copilot AI reviewed Mar 3, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@gsanchietti
feat: add cookie auth
2f5f733 
This is used to authenticate webssh
@gsanchietti gsanchietti requested a review from Tbaile March 3, 2026 08:39
@gsanchietti gsanchietti marked this pull request as ready for review March 3, 2026 08:39
@gsanchietti gsanchietti mentioned this pull request Mar 3, 2026
Open
@gsanchietti gsanchietti merged commit 6b6ef75 into main Mar 3, 2026
7 checks passed
@gsanchietti gsanchietti deleted the webssh_auth branch March 3, 2026 09:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@Tbaile Tbaile Awaiting requested review from Tbaile

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Hardening controller: protect prometheus and webssh paths with authentication

2 participants

@gsanchietti