From c1da87a81916c3ee33f9d7ee13e6f329e9475cdf Mon Sep 17 00:00:00 2001
From: Steven
Date: Sun, 3 Mar 2024 14:10:48 +0800
Subject: [PATCH] chore: update get request origin
---
 server/route/api/v2/auth_service.go | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/server/route/api/v2/auth_service.go b/server/route/api/v2/auth_service.go
index 40d37b28..e7ea805d 100644
--- a/server/route/api/v2/auth_service.go
+++ b/server/route/api/v2/auth_service.go
@@ -248,11 +248,17 @@ func (s *APIV2Service) buildAccessTokenCookie(ctx context.Context, accessToken s
 } else {
 attrs = append(attrs, "Expires="+expireTime.Format(time.RFC1123))
 }
- workspaceGeneralSetting, err := s.Store.GetWorkspaceGeneralSetting(ctx)
- if err != nil {
- return "", errors.Wrap(err, "failed to get workspace setting")
+
+ md, ok := metadata.FromIncomingContext(ctx)
+ if !ok {
+ return "", errors.New("failed to get metadata from context")
+ }
+ var origin string
+ for _, v := range md.Get("origin") {
+ origin = v
 }
- if strings.HasPrefix(workspaceGeneralSetting.InstanceUrl, "https://") {
+ isHTTPS := strings.HasPrefix(origin, "https://")
+ if isHTTPS {
 attrs = append(attrs, "SameSite=None")
 attrs = append(attrs, "Secure")
 } else {
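Review bot: When the request carries no `origin` metadata, `origin` stays empty, `isHTTPS` is false and the access-token cookie is built through the `else` branch, so it is issued without `Secure` (that branch's body is outside the hunk, so its exact attributes are assumed). Origin is a client-supplied header that non-browser clients and some browser requests omit, and whether the gateway forwards it under the key `origin` is not visible here, so an HTTPS deployment can end up handing out the token cookie without `Secure`. Treating the header as a hint and falling back to the configured instance URL when it is absent keeps the guarantee the old code gave; the loop that silently keeps the last of several values can become an explicit pick at the same time. buildAccessTokenCookie begins and ends outside the hunk.

```go
	// … unchanged: Expires handling and the metadata.FromIncomingContext check …
	var origin string
	if vals := md.Get("origin"); len(vals) > 0 {
		origin = vals[len(vals)-1] // same choice as the loop: last value wins
	}
	isHTTPS := strings.HasPrefix(origin, "https://")
	if origin == "" {
		// No Origin on the request: decide from the configured instance URL
		// instead of issuing the cookie without Secure by default.
		workspaceGeneralSetting, err := s.Store.GetWorkspaceGeneralSetting(ctx)
		if err != nil {
			return "", errors.Wrap(err, "failed to get workspace setting")
		}
		isHTTPS = strings.HasPrefix(workspaceGeneralSetting.InstanceUrl, "https://")
	}
	// … unchanged: if isHTTPS { SameSite=None, Secure } else { … } …
```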