Demo mod: Secure kolačići i blokada TOTP aktivacije

- Secure flag na kolačićima se postavlja i u demo modu (HTTPS kroz Caddy) - Podešavanje 2FA je blokirano u demo modu — handler odbija zahtev, a šablon sakriva dugme i prikazuje obaveštenje
2026-06-19 01:54:36 +02:00
parent 1303b35387
commit b07297f323
6 changed files with 16 additions and 8 deletions
@@ -269,7 +269,7 @@ func (h *Handler) Odjava(w http.ResponseWriter, r *http.Request) {
 		Path:     "/",
 		Expires:  time.Unix(0, 0),
 		MaxAge:   -1,
-		Secure:   os.Getenv("NTECH_ENV") == "production",
+		Secure:   os.Getenv("NTECH_ENV") == "production" || os.Getenv("NTECH_ENV") == "demo",
 		HttpOnly: true,
 	})
 	http.Redirect(w, r, "/prijava", http.StatusSeeOther)
@@ -318,7 +318,7 @@ func napraviKolacic(token string, istice time.Time) *http.Cookie {
 		Path:     "/",
 		Expires:  istice,
 		HttpOnly: true,
-		Secure:   os.Getenv("NTECH_ENV") == "production",
+		Secure:   os.Getenv("NTECH_ENV") == "production" || os.Getenv("NTECH_ENV") == "demo",
 		SameSite: http.SameSiteStrictMode,
 	}
 }