mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-11-03 18:52:24 -06:00
98263a7de6* start fixing up tests * fix up tests + automate with drone * fiddle with linting * messing about with drone.yml * some more fiddling * hmmm * add cache * add vendor directory * verbose * ci updates * update some little things * update sig
36 lines
1 KiB
Go
36 lines
1 KiB
Go
// +build go1.11
|
|
|
|
package sessions
|
|
|
|
import (
|
|
gsessions "github.com/gorilla/sessions"
|
|
"net/http"
|
|
)
|
|
|
|
// Options stores configuration for a session or session store.
|
|
// Fields are a subset of http.Cookie fields.
|
|
type Options struct {
|
|
Path string
|
|
Domain string
|
|
// MaxAge=0 means no 'Max-Age' attribute specified.
|
|
// MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'.
|
|
// MaxAge>0 means Max-Age attribute present and given in seconds.
|
|
MaxAge int
|
|
Secure bool
|
|
HttpOnly bool
|
|
// rfc-draft to preventing CSRF: https://tools.ietf.org/html/draft-west-first-party-cookies-07
|
|
// refer: https://godoc.org/net/http
|
|
// https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/
|
|
SameSite http.SameSite
|
|
}
|
|
|
|
func (options Options) ToGorillaOptions() *gsessions.Options {
|
|
return &gsessions.Options{
|
|
Path: options.Path,
|
|
Domain: options.Domain,
|
|
MaxAge: options.MaxAge,
|
|
Secure: options.Secure,
|
|
HttpOnly: options.HttpOnly,
|
|
SameSite: options.SameSite,
|
|
}
|
|
}
|