Skip to content

Commit

Permalink
feat: add support for SameSite param in cookie
Browse files Browse the repository at this point in the history
  • Loading branch information
vividvilla committed Sep 4, 2020
1 parent 8dfe2d8 commit 6e49ab4
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 0 deletions.
2 changes: 2 additions & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,5 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/stretchr/testify v1.2.2
)

go 1.13
3 changes: 3 additions & 0 deletions manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,9 @@ type Options struct {
// CookieLifeTime sets expiry time for cookie.
// If expiry time is not specified then cookie is set as session cookie which is cleared on browser close.
CookieLifetime time.Duration

// SameSite sets allows you to declare if your cookie should be restricted to a first-party or same-site context.
SameSite http.SameSite
}

// New creates a new session manager for given options.
Expand Down
2 changes: 2 additions & 0 deletions manager_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ func TestManagerNewManagerWithOptions(t *testing.T) {
CookiePath: "/abc/123",
IsSecureCookie: true,
IsHTTPOnlyCookie: true,
SameSite: http.SameSiteLaxMode,
CookieLifetime: 2000 * time.Millisecond,
}

Expand All @@ -40,6 +41,7 @@ func TestManagerNewManagerWithOptions(t *testing.T) {
assert.Equal(m.opts.CookieDomain, opts.CookieDomain)
assert.Equal(m.opts.CookiePath, opts.CookiePath)
assert.Equal(m.opts.IsSecureCookie, opts.IsSecureCookie)
assert.Equal(m.opts.SameSite, opts.SameSite)
assert.Equal(m.opts.IsHTTPOnlyCookie, opts.IsHTTPOnlyCookie)
assert.Equal(m.opts.CookieLifetime, opts.CookieLifetime)
}
Expand Down
1 change: 1 addition & 0 deletions session.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,6 +140,7 @@ func (s *Session) WriteCookie(cv string) error {
Path: s.manager.opts.CookiePath,
Secure: s.manager.opts.IsSecureCookie,
HttpOnly: s.manager.opts.IsHTTPOnlyCookie,
SameSite: s.manager.opts.SameSite,
}

// Set cookie expiry
Expand Down
2 changes: 2 additions & 0 deletions session_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -323,6 +323,7 @@ func TestSessionWriteCookie(t *testing.T) {
IsHTTPOnlyCookie: true,
IsSecureCookie: true,
DisableAutoSet: true,
SameSite: http.SameSiteDefaultMode,
}
mockStore.isValid = true

Expand All @@ -335,6 +336,7 @@ func TestSessionWriteCookie(t *testing.T) {
assert.Equal(sess.cookie.Domain, mockManager.opts.CookieDomain)
assert.Equal(sess.cookie.Path, mockManager.opts.CookiePath)
assert.Equal(sess.cookie.Secure, mockManager.opts.IsSecureCookie)
assert.Equal(sess.cookie.SameSite, mockManager.opts.SameSite)
assert.Equal(sess.cookie.HttpOnly, mockManager.opts.IsHTTPOnlyCookie)

// Ignore seconds
Expand Down

0 comments on commit 6e49ab4

Please sign in to comment.