yume/yoake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix auth cookie age

Browse source
This commit is contained in:
ゆめ 2022-11-16 17:45:54 -06:00
parent eca61144e5
commit b93f3915b7
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
internal/auth/auth.go
View file

@ -100,6 +100,9 @@ func Middleware(store sessions.Store) echo.MiddlewareFunc {
sess.Options = &sessions.Options{ sess.Options = &sessions.Options{
Path: "/", Path: "/",
HttpOnly: true, HttpOnly: true,
SameSite: http.SameSiteStrictMode,
Secure: config.Config().Listen.Ssl.Use,
MaxAge: config.Config().Auth.ValidMinutes * 60 * 5,
} }
var auth RequestAuth var auth RequestAuth
@ -137,6 +140,7 @@ func issueSession(c echo.Context, period time.Duration, roles []string) error {
HttpOnly: true, HttpOnly: true,
SameSite: http.SameSiteStrictMode, SameSite: http.SameSiteStrictMode,
Secure: config.Config().Listen.Ssl.Use, Secure: config.Config().Listen.Ssl.Use,
MaxAge: config.Config().Auth.ValidMinutes * 60 * 5,
} }
if period == 0 { if period == 0 {
period = time.Duration(config.Config().Auth.ValidMinutes) * time.Minute period = time.Duration(config.Config().Auth.ValidMinutes) * time.Minute