sashakoshka/step
sashakoshka/step
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

providers/session: Fix session cookie, make it more secure

Browse Source
This commit is contained in:
Sasha Koshka 2024-12-20 20:27:46 -05:00
parent 2d5dbc50b3
commit b9d55ad0b6
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
providers/session/session.go
View File

@ -108,11 +108,16 @@ func (this *state) funcSessionHTTP (
result = session result = session
} }
cookie := &http.Cookie { cookie := &http.Cookie {
Name: sessionIDCookieName, Name: sessionIDCookieName,
Value: result.ID().String(), Value: result.ID().String(),
Expires: expiration, Expires: expiration,
Secure: true,
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
Path: "/",
} }
http.SetCookie(shttp.UnderlyingResponseWriter(res), cookie) underlyingRes := shttp.UnderlyingResponseWriter(res)
http.SetCookie(underlyingRes, cookie)
return result, nil return result, nil
} }