Demo mod: Secure kolačići i blokada TOTP aktivacije

- Secure flag na kolačićima se postavlja i u demo modu (HTTPS kroz Caddy) - Podešavanje 2FA je blokirano u demo modu — handler odbija zahtev, a šablon sakriva dugme i prikazuje obaveštenje
2026-06-19 01:54:36 +02:00
parent 1303b35387
commit b07297f323
6 changed files with 16 additions and 8 deletions
@@ -40,7 +40,7 @@ func RequireAuth(db *sql.DB, totpKljuc []byte) func(http.Handler) http.Handler {
 					Path:     "/",
 					Expires:  time.Unix(0, 0),
 					MaxAge:   -1,
-					Secure:   os.Getenv("NTECH_ENV") == "production",
+					Secure:   os.Getenv("NTECH_ENV") == "production" || os.Getenv("NTECH_ENV") == "demo",
 					HttpOnly: true,
 				})
 				http.Redirect(w, r, "/prijava", http.StatusSeeOther)
@@ -157,7 +157,7 @@ func postaviFlashGresku(w http.ResponseWriter, poruka string) {
 		Path:     "/",
 		MaxAge:   60,
 		HttpOnly: true,
-		Secure:   os.Getenv("NTECH_ENV") == "production",
+		Secure:   os.Getenv("NTECH_ENV") == "production" || os.Getenv("NTECH_ENV") == "demo",
 	})
 }