From a0165f6f02cc012fcb509eb2bce0024d3eac52e8 Mon Sep 17 00:00:00 2001
From: Harvey Tindall
Date: Fri, 18 Jul 2025 12:59:39 +0100
Subject: [PATCH] auth: strip port from domain if present

app.UseProxyHost being enabled means app.ExternalDomain sometimes returns a domain/IP with a port attached. This is now removed, so the refresh cookie is set correctly.
---
 auth.go | 4 ++--
 config.go | 11 +++++++++++
 user-auth.go | 4 ++--
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/auth.go b/auth.go
index 1c065df..7a0a939 100644
--- a/auth.go
+++ b/auth.go
@@ -266,7 +266,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
 respond(500, "Couldn't generate token", gc)
 return
 }
- host := app.ExternalDomain(gc)
+ host := app.ExternalDomainNoPort(gc)
 // Before you think this is broken: the first "true" arg is for "secure", i.e. only HTTPS!
 gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
@@ -328,7 +328,7 @@ func (app *appContext) getTokenRefresh(gc *gin.Context) {
 return
 }
 // host := gc.Request.URL.Hostname()
- host := app.ExternalDomain(gc)
+ host := app.ExternalDomainNoPort(gc)
 gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
 gc.JSON(200, getTokenDTO{jwt})
 }
diff --git a/config.go b/config.go
index cb2e5bb..b1991ae 100644
--- a/config.go
+++ b/config.go
@@ -3,6 +3,7 @@ package main
 import (
 "fmt"
 "io/fs"
+ "net"
 "net/url"
 "os"
 "path/filepath"
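Review bot: In auth.go `getTokenLogin`, the `host` passed as the Domain argument of `gc.SetCookie("refresh", …)` is still taken from the request whenever `ExternalDomain` falls through to `gc.Request.Host` (visible in the config.go context), so a client-supplied header decides the refresh cookie's scope, and any non-empty Domain also makes browsers send the cookie to subdomains. If sharing with subdomains is not intended, an empty domain yields a host-only cookie and needs no Host parsing: `gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", "", true, true)`. The same applies to `getTokenRefresh` below and to the `user-refresh` cookie in user-auth.go (`getUserTokenRefresh`, and presumably `getUserTokenLogin`, whose SetCookie call is outside its hunk). All four functions begin outside their hunks, so any SameSite setting made earlier is not visible here.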
@@ -81,6 +82,16 @@ func (app *appContext) ExternalDomain(gc *gin.Context) string {
 return gc.Request.Host
 }
+// ExternalDomainNoPort attempts to return app.ExternalDomain() with the port removed. If the internally-used method fails, it is assumed the domain has no port anyway.
+func (app *appContext) ExternalDomainNoPort(gc *gin.Context) string {
+ domain := app.ExternalDomain(gc)
+ host, _, err := net.SplitHostPort(domain)
+ if err != nil {
+ return domain
+ }
+ return host
+}
+
 // ExternalURI returns the External URI of jfa-go's root directory (by default, where the admin page is), using the fixed app.externalURI value unless app.UseProxyHost is true and gc is not nil.
 // When nil is passed, app.externalURI is returned.
 func (app *appContext) ExternalURI(gc *gin.Context) string {
diff --git a/user-auth.go b/user-auth.go
index c8581f2..d76140e 100644
--- a/user-auth.go
+++ b/user-auth.go
@@ -65,7 +65,7 @@ func (app *appContext) getUserTokenLogin(gc *gin.Context) {
 }
 // host := gc.Request.URL.Hostname()
- host := app.ExternalDomain(gc)
+ host := app.ExternalDomainNoPort(gc)
 uri := "/my"
 // FIXME: This seems like a bad idea? I think it's to deal with people having Reverse proxy subfolder/URL base set to /accounts.
 if strings.HasPrefix(gc.Request.RequestURI, PAGES.Base) {
@@ -105,7 +105,7 @@ func (app *appContext) getUserTokenRefresh(gc *gin.Context) {
 }
 // host := gc.Request.URL.Hostname()
- host := app.ExternalDomain(gc)
+ host := app.ExternalDomainNoPort(gc)
 gc.SetCookie("user-refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", host, true, true)
 gc.JSON(200, getTokenDTO{jwt})
 }
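Review bot: `ExternalDomainNoPort` in config.go treats every `net.SplitHostPort` error as "no port", so a malformed value or a portless bracketed literal such as `[::1]` is returned unchanged and passed on as the cookie Domain. Because `ExternalDomain` can return `gc.Request.Host`, the doc comment should state that the result is request-derived and unvalidated, for example `// The result may originate from the request's Host header and is not validated.` A small table test over constructed inputs (`example.com`, `example.com:8080`, `[::1]:8080`, `[::1]`) would pin the fallback behaviour.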