2024-03-25 11:00:36 +00:00
|
|
|
//go:build go1.11
|
2021-08-12 20:03:24 +01:00
|
|
|
// +build go1.11
|
|
|
|
|
|
|
|
package sessions
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
2024-03-25 11:00:36 +00:00
|
|
|
|
|
|
|
gsessions "github.com/gorilla/sessions"
|
2021-08-12 20:03:24 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
// Options stores configuration for a session or session store.
|
|
|
|
// Fields are a subset of http.Cookie fields.
|
|
|
|
type Options struct {
|
|
|
|
Path string
|
|
|
|
Domain string
|
|
|
|
// MaxAge=0 means no 'Max-Age' attribute specified.
|
|
|
|
// MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'.
|
|
|
|
// MaxAge>0 means Max-Age attribute present and given in seconds.
|
|
|
|
MaxAge int
|
|
|
|
Secure bool
|
|
|
|
HttpOnly bool
|
|
|
|
// rfc-draft to preventing CSRF: https://tools.ietf.org/html/draft-west-first-party-cookies-07
|
|
|
|
// refer: https://godoc.org/net/http
|
|
|
|
// https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/
|
|
|
|
SameSite http.SameSite
|
|
|
|
}
|
|
|
|
|
|
|
|
func (options Options) ToGorillaOptions() *gsessions.Options {
|
|
|
|
return &gsessions.Options{
|
|
|
|
Path: options.Path,
|
|
|
|
Domain: options.Domain,
|
|
|
|
MaxAge: options.MaxAge,
|
|
|
|
Secure: options.Secure,
|
|
|
|
HttpOnly: options.HttpOnly,
|
|
|
|
SameSite: options.SameSite,
|
|
|
|
}
|
|
|
|
}
|