- COOKIE_SECURE environment variable (defaults to true, set to false for local HTTP development)
- Cookie lifetime and JWT lifetime share the same value
parent
19dba8f504
commit
262c5befd9
1 changed files with 24 additions and 3 deletions
27
cookies.go
27
cookies.go
|
|
@ -19,6 +19,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ErrValueTooLong indicates that the cookie value exceeds the allowed length limit.
|
// ErrValueTooLong indicates that the cookie value exceeds the allowed length limit.
|
||||||
|
|
@ -84,9 +85,8 @@ func GetCookie(r *http.Request) (UserCookie, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetCookie sets an encrypted cookie with a user's email and token, using gob encoding for data serialization.
|
// SetCookie sets an encrypted cookie with a user's email and token, using gob encoding for data serialization.
|
||||||
|
// The Secure flag is controlled by the COOKIE_SECURE environment variable (defaults to true, set to false for local HTTP development).
|
||||||
func SetCookie(w http.ResponseWriter, email string, token string) error {
|
func SetCookie(w http.ResponseWriter, email string, token string) error {
|
||||||
// Initialize a User struct containing the data that we want to store in the
|
|
||||||
// cookie.
|
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
// check if template engine is enable
|
// check if template engine is enable
|
||||||
|
|
@ -124,15 +124,36 @@ func SetCookie(w http.ResponseWriter, email string, token string) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Derive cookie MaxAge from JWT_LIFESPAN_MINUTES (default: 1440 min = 1 day)
|
||||||
|
maxAge := 1440 * 60 // default 1 day in seconds
|
||||||
|
lifetimeStr := os.Getenv("JWT_LIFESPAN_MINUTES")
|
||||||
|
if lifetimeStr != "" {
|
||||||
|
lifetime, parseErr := strconv.Atoi(lifetimeStr)
|
||||||
|
if parseErr == nil {
|
||||||
|
maxAge = lifetime * 60 // convert minutes to seconds
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Determine if the cookie should have the Secure flag.
|
||||||
|
// Set COOKIE_SECURE=false (or "0", "f") in your .env for local development over HTTP.
|
||||||
|
// Defaults to true for production safety.
|
||||||
|
cookieSecureStr := os.Getenv("COOKIE_SECURE")
|
||||||
|
if cookieSecureStr == "" {
|
||||||
|
cookieSecureStr = "true"
|
||||||
|
}
|
||||||
|
cookieSecure, _ := strconv.ParseBool(cookieSecureStr)
|
||||||
|
|
||||||
// Call buf.String() to get the gob-encoded value as a string and set it as
|
// Call buf.String() to get the gob-encoded value as a string and set it as
|
||||||
// the cookie value.
|
// the cookie value.
|
||||||
cookie := http.Cookie{
|
cookie := http.Cookie{
|
||||||
Name: "goffee",
|
Name: "goffee",
|
||||||
Value: buf.String(),
|
Value: buf.String(),
|
||||||
Path: "/",
|
Path: "/",
|
||||||
MaxAge: 3600,
|
MaxAge: maxAge,
|
||||||
|
Expires: time.Now().Add(time.Duration(maxAge) * time.Second),
|
||||||
HttpOnly: true,
|
HttpOnly: true,
|
||||||
SameSite: http.SameSiteLaxMode,
|
SameSite: http.SameSiteLaxMode,
|
||||||
|
Secure: cookieSecure,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Write an encrypted cookie containing the gob-encoded data as normal.
|
// Write an encrypted cookie containing the gob-encoded data as normal.
|
||||||
|
|
|
||||||
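Review bot: `cookieSecure, _ := strconv.ParseBool(cookieSecureStr)` in the third hunk fails open: any value ParseBool cannot parse (a typo such as `COOKIE_SECURE=ture`, or `yes`) yields false plus an error, and discarding that error silently drops the Secure attribute even though the comments above it promise a default of true. Initialising the flag to true and only overriding it when ParseBool succeeds preserves the safe default on malformed input while keeping the documented false/0/f opt-out (rewrite below); the empty-string special case then becomes unnecessary because ParseBool("") errors and leaves the default in place. The MaxAge derivation a few lines earlier has a similar gap: a zero or negative JWT_LIFESPAN_MINUTES produces `MaxAge <= 0` and an Expires at or before now, which looks like it would make the cookie discarded immediately rather than falling back to the one-day default, so the guard should read `if parseErr == nil && lifetime > 0 {`. SetCookie begins before this hunk and continues after it.
```go
// Determine if the cookie should have the Secure flag.
// Set COOKIE_SECURE=false (or "0", "f") in your .env for local development over HTTP.
// Defaults to true; an unset or unparseable value leaves the flag set so a
// configuration typo cannot silently downgrade the cookie.
cookieSecure := true
if v, parseErr := strconv.ParseBool(os.Getenv("COOKIE_SECURE")); parseErr == nil {
	cookieSecure = v
}
// … unchanged: http.Cookie literal …
```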