-
Notifications
You must be signed in to change notification settings - Fork 0
/
cookie.go
87 lines (76 loc) · 2.76 KB
/
cookie.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
// Package cookie deals with set, get and deleting of HTTP Cookies
package cookie
import (
"errors"
"net/http"
"time"
)
const (
// DefaultExpiry is the default expiry for a cookie if a user does not sets it
DefaultExpiry = 3600
)
// CyclopsCookie is a struct to hold cookie info
type CyclopsCookie struct {
// Name of cookie
Name string
// Value of cookie
Value string
// The Domain and Path attributes define the scope of the cookie. They essentially tell the browser what website
// the cookie belongs to
Path string
Domain string
// Secure attribute is meant to keep cookie communication limited to encrypted transmission, directing browsers
// to use cookies only via secure/encrypted connections
Secure bool
// HttpOnly attribute directs browsers not to expose cookies through channels other than HTTP (and HTTPS) requests.
// This means that the cookie cannot be accessed via client-side scripting languages (notably JavaScript),
// and therefore cannot be stolen easily via cross-site scripting
HttpOnly bool
// SameSite when enabled, a cookie can only be sent in requests originating from the same origin as the target
// domain, it helps to prevent XSRF attacks
SameSite http.SameSite
// Expires specifies time in seconds for a cookie to expire
Expires time.Duration
MaxAge int
}
// SetCookie is used to sets a cookie to the responseWriter
func (cyclopsCookie CyclopsCookie) SetCookie(w http.ResponseWriter) {
cookie := &http.Cookie{}
cookie.Name = cyclopsCookie.Name
cookie.Value = cyclopsCookie.Value
if cyclopsCookie.Path == "" {
cookie.Path = "/"
} else {
cookie.Path = cyclopsCookie.Path
}
cookie.Domain = cyclopsCookie.Domain
cookie.Secure = cyclopsCookie.Secure
cookie.HttpOnly = cyclopsCookie.HttpOnly
if cyclopsCookie.Expires == 0 {
cookie.Expires = time.Now().Add(DefaultExpiry * time.Second)
} else {
cookie.Expires = time.Now().Add(cyclopsCookie.Expires * time.Second)
}
if cyclopsCookie.SameSite == 0 {
cookie.SameSite = http.SameSiteNoneMode
} else {
cookie.SameSite = cyclopsCookie.SameSite
}
http.SetCookie(w, cookie)
}
// GetCookie retrieves a cookie based on the cookie name from request, returns error if cookie does not exist
func (cyclopsCookie CyclopsCookie) GetCookie(r *http.Request, name string) (*http.Cookie, error) {
if r.Method == http.MethodTrace {
return nil, errors.New("method not allowed")
}
return r.Cookie(name)
}
// GetAll returns array of HTTP cookies
func (cyclopsCookie CyclopsCookie) GetAll(r *http.Request) []*http.Cookie {
return r.Cookies()
}
// Delete is used to delete a cookie from the browser by setting the expires attribute to 0
func (cyclopsCookie CyclopsCookie) Delete(w http.ResponseWriter, cookie *http.Cookie) {
cookie.Expires = time.Now().Add(0 * time.Second)
http.SetCookie(w, cookie)
}