From 4ee3de773c311901db5e7b00c08eeff4144c1692 Mon Sep 17 00:00:00 2001 From: William Petit Date: Tue, 13 Oct 2020 14:59:25 +0200 Subject: [PATCH] =?UTF-8?q?Possibilit=C3=A9=20de=20configurer=20les=20opti?= =?UTF-8?q?ons=20du=20cookie?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmd/server/container.go | 3 ++- internal/config/config.go | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/server/container.go b/cmd/server/container.go index 925aa19..8694e24 100644 --- a/cmd/server/container.go +++ b/cmd/server/container.go @@ -79,8 +79,9 @@ func getServiceContainer(ctx context.Context, conf *config.Config) (*service.Con // Define default cookie options sessionStore.SessionOpts.Path = "/" sessionStore.SessionOpts.HttpOnly = true + sessionStore.SessionOpts.Secure = conf.HTTP.CookieSecure sessionStore.SessionOpts.MaxAge = conf.HTTP.CookieMaxAge - sessionStore.SessionOpts.SameSite = http.SameSiteStrictMode + sessionStore.SessionOpts.SameSite = http.SameSiteLaxMode ctn.Provide( session.ServiceName, diff --git a/internal/config/config.go b/internal/config/config.go index 9f37b55..2036d28 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -47,6 +47,7 @@ type HTTPConfig struct { CookieAuthenticationKey string `yaml:"cookieAuthenticationKey" env:"HTTP_COOKIE_AUTHENTICATION_KEY"` CookieEncryptionKey string `yaml:"cookieEncryptionKey" env:"HTTP_COOKIE_ENCRYPTION_KEY"` CookieMaxAge int `yaml:"cookieMaxAge" env:"HTTP_COOKIE_MAX_AGE"` + CookieSecure bool `yaml:"cookieSecure" env:"HTTP_COOKIE_SECURE"` TemplateDir string `yaml:"templateDir" env:"HTTP_TEMPLATE_DIR"` PublicDir string `yaml:"publicDir" env:"HTTP_PUBLIC_DIR"` FrontendURL string `yaml:"frontendURL" env:"HTTP_FRONTEND_URL"`