From 47a66d53e708122c3993ba24ea35cfef711416b2 Mon Sep 17 00:00:00 2001
From: Sasha Koshka <sashakoshka@tebibyte.media>
Date: Fri, 27 Dec 2024 01:13:55 -0500
Subject: [PATCH] providers/session: Add option to set the domain of session
 cookies

---
 providers/session/session.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/providers/session/session.go b/providers/session/session.go
index 7614144..c6ec30f 100644
--- a/providers/session/session.go
+++ b/providers/session/session.go
@@ -23,6 +23,7 @@ var _ step.Trimmer         = new(Provider)
 type Provider struct {
 	Lifetime       time.Duration
 	InsecureCookie bool
+	CookieDomain   string
 	sessions usync.RWLocker[sessionMap]
 }
 
@@ -65,6 +66,9 @@ func (this *Provider) Configure (config step.Meta) error {
 			log.Println("!!! session.insecure-cookie is active, this is not recommended")	
 		}
 	}
+	if cookieDomainStr := config.Get("session.cookie-domain"); cookieDomainStr != "" {
+		this.CookieDomain = cookieDomainStr
+	}
 	return nil
 }
 
@@ -74,6 +78,7 @@ func (this *Provider) FuncMapFor (document *step.Document) template.FuncMap {
 		document: document,
 		sessions: &this.sessions,
 		insecureCookie: this.InsecureCookie,
+		cookieDomain:   this.CookieDomain,
 	}
 	return template.FuncMap {
 		"sessionHTTP":   stat.funcSessionHTTP,
@@ -86,6 +91,7 @@ type state struct {
 	sessions *usync.RWLocker[sessionMap]
 	lifetime time.Duration
 	insecureCookie bool
+	cookieDomain   string
 }
 
 func (this *state) funcSessionHTTP (
@@ -129,6 +135,7 @@ func (this *state) funcSessionHTTP (
 		Expires:  expiration,
 		SameSite: http.SameSiteStrictMode,
 		Path:     "/",
+		Domain:   this.cookieDomain,
 	}
 	if !this.insecureCookie {
 		cookie.Secure = true