do: "__Host-pleroma_key",
else: "pleroma_key"
- same_site =
- if Pleroma.Config.get([:auth, :oauth_consumer_enabled]) do
- # Note: "SameSite=Strict" prevents sign in with external OAuth provider (no cookies during callback request)
- "SameSite=Lax"
- else
- "SameSite=Strict"
- end
+ extra =
+ Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
+ |> Enum.join(";")
# The session will be stored in the cookie and signed,
# this means its contents can be read but not tampered with.
signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
http_only: true,
secure: secure_cookies,
- extra: same_site
+ extra: extra
)
+ # Note: the plug and its configuration is compile-time this can't be upstreamed yet
+ if proxies = Pleroma.Config.get([__MODULE__, :reverse_proxies]) do
+ plug(RemoteIp, proxies: proxies)
+ end
+
+ defmodule Instrumenter do
+ use Prometheus.PhoenixInstrumenter
+ end
+
+ defmodule PipelineInstrumenter do
+ use Prometheus.PlugPipelineInstrumenter
+ end
+
+ defmodule MetricsExporter do
+ use Prometheus.PlugExporter
+ end
+
+ plug(PipelineInstrumenter)
+ plug(MetricsExporter)
+
plug(Pleroma.Web.Router)
@doc """