fix(authn): correctly handle session-limited cookies

See CNOUS/mse#4347
2024-11-08 12:21:23 +01:00 · 2024-11-08 12:21:23 +01:00 · 74c2a2c055
commit 74c2a2c055
parent 239d4573c3
1 changed files with 1 additions and 1 deletions
--- a/internal/session/store.go
+++ b/internal/session/store.go
@ -75,7 +75,7 @@ func (s *Store) New(r *http.Request, name string) (*sessions.Session, error) {
 }

 func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
-	if session.Options.MaxAge <= 0 {
+	if session.Options.MaxAge < 0 {
 		if err := s.delete(r.Context(), session); err != nil {
 			return errors.WithStack(err)
 		}