providers/session: Add option to set the domain of session cookies
This commit is contained in:
parent
b6e4c719ca
commit
47a66d53e7
@ -23,6 +23,7 @@ var _ step.Trimmer = new(Provider)
|
||||
type Provider struct {
|
||||
Lifetime time.Duration
|
||||
InsecureCookie bool
|
||||
CookieDomain string
|
||||
sessions usync.RWLocker[sessionMap]
|
||||
}
|
||||
|
||||
@ -65,6 +66,9 @@ func (this *Provider) Configure (config step.Meta) error {
|
||||
log.Println("!!! session.insecure-cookie is active, this is not recommended")
|
||||
}
|
||||
}
|
||||
if cookieDomainStr := config.Get("session.cookie-domain"); cookieDomainStr != "" {
|
||||
this.CookieDomain = cookieDomainStr
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -74,6 +78,7 @@ func (this *Provider) FuncMapFor (document *step.Document) template.FuncMap {
|
||||
document: document,
|
||||
sessions: &this.sessions,
|
||||
insecureCookie: this.InsecureCookie,
|
||||
cookieDomain: this.CookieDomain,
|
||||
}
|
||||
return template.FuncMap {
|
||||
"sessionHTTP": stat.funcSessionHTTP,
|
||||
@ -86,6 +91,7 @@ type state struct {
|
||||
sessions *usync.RWLocker[sessionMap]
|
||||
lifetime time.Duration
|
||||
insecureCookie bool
|
||||
cookieDomain string
|
||||
}
|
||||
|
||||
func (this *state) funcSessionHTTP (
|
||||
@ -129,6 +135,7 @@ func (this *state) funcSessionHTTP (
|
||||
Expires: expiration,
|
||||
SameSite: http.SameSiteStrictMode,
|
||||
Path: "/",
|
||||
Domain: this.cookieDomain,
|
||||
}
|
||||
if !this.insecureCookie {
|
||||
cookie.Secure = true
|
||||
|
||||
Loading…
Reference in New Issue
Block a user