From 74c2a2c055c56336a27571cdc04a40bebc78e4a4 Mon Sep 17 00:00:00 2001
From: William Petit <wpetit@cadoles.com>
Date: Fri, 8 Nov 2024 12:21:23 +0100
Subject: [PATCH] fix(authn): correctly handle session-limited cookies

See https://forge.cadoles.com/CNOUS/mse/issues/4347
---
 internal/session/store.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/session/store.go b/internal/session/store.go
index 5103bd3..e1ea49e 100644
--- a/internal/session/store.go
+++ b/internal/session/store.go
@@ -75,7 +75,7 @@ func (s *Store) New(r *http.Request, name string) (*sessions.Session, error) {
 }
 
 func (s *Store) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error {
-	if session.Options.MaxAge <= 0 {
+	if session.Options.MaxAge < 0 {
 		if err := s.delete(r.Context(), session); err != nil {
 			return errors.WithStack(err)
 		}