-
Notifications
You must be signed in to change notification settings - Fork 0
/
cookie.go
54 lines (46 loc) · 1.27 KB
/
cookie.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package profile
import (
"net/http"
"time"
"github.com/spf13/viper"
)
func AddSessionCookie(w http.ResponseWriter, token string, domain string) {
expiration := GetSessionExpiration()
cookie := http.Cookie{
Name: GetSessionCookieName(),
Value: token,
Path: "/",
Expires: expiration,
Domain: domain,
HttpOnly: true,
Secure: viper.GetBool("session.secureCookie"),
}
// TODO: Verify SameSite=Strict|Lax attribute
cookieString := cookie.String() + "; SameSite=lax"
w.Header().Set("Set-Cookie", cookieString)
}
func ClearSessionCookie(w http.ResponseWriter, domain string) {
cookie := http.Cookie{
Name: GetSessionCookieName(),
Value: "",
Path: "/",
Expires: time.Unix(0, 0),
Domain: domain,
HttpOnly: true,
Secure: viper.GetBool("session.secureCookie"),
}
http.SetCookie(w, &cookie)
}
func GetSessionCookieFromRequest(r *http.Request) *http.Cookie {
cookie, _ := r.Cookie(GetSessionCookieName())
return cookie
}
func GetSessionExpiration() time.Time {
return time.Now().Add(time.Minute * time.Duration(GetCookieExpirationMinutes()))
}
func GetCookieExpirationMinutes() int {
return viper.GetInt("session.cookieExpirationMinutes")
}
func GetSessionCookieName() string {
return viper.GetString("session.cookieName")
}