miniflux-v2/internal/http/cookie/cookie.go

// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
// SPDX-License-Identifier: Apache-2.0

package cookie // import "miniflux.app/v2/internal/http/cookie"

import (
	"net/http"
	"time"
)

// Cookie names.
const (
	CookieAppSessionID  = "MinifluxAppSessionID"
	CookieUserSessionID = "MinifluxUserSessionID"

	// Cookie duration in days.
	cookieDuration = 30
)

// New creates a new cookie.
func New(name, value string, isHTTPS bool, path string) *http.Cookie {
	return &http.Cookie{
		Name:     name,
		Value:    value,
		Path:     basePath(path),
		Secure:   isHTTPS,
		HttpOnly: true,
		Expires:  time.Now().Add(cookieDuration * 24 * time.Hour),
		SameSite: http.SameSiteLaxMode,
	}
}

// Expired returns an expired cookie.
func Expired(name string, isHTTPS bool, path string) *http.Cookie {
	return &http.Cookie{
		Name:     name,
		Value:    "",
		Path:     basePath(path),
		Secure:   isHTTPS,
		HttpOnly: true,
		MaxAge:   -1,
		Expires:  time.Date(1970, 1, 1, 0, 0, 0, 0, time.UTC),
		SameSite: http.SameSiteLaxMode,
	}
}

func basePath(path string) string {
	if path == "" {
		return "/"
	}
	return path
}
Replace copyright header with SPDX identifier 2023-06-19 23:42:47 +02:00			`// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.`
			`// SPDX-License-Identifier: Apache-2.0`
Session management refactoring 2017-12-17 03:07:53 +01:00
Move internal packages to an internal folder For reference: https://go.dev/doc/go1.4#internalpackages 2023-08-11 04:46:45 +02:00			`package cookie // import "miniflux.app/v2/internal/http/cookie"`
Session management refactoring 2017-12-17 03:07:53 +01:00
			`import (`
			`"net/http"`
			`"time"`
			`)`

			`// Cookie names.`
			`const (`
Rename session cookies 2019-01-22 05:26:46 +01:00			`CookieAppSessionID = "MinifluxAppSessionID"`
			`CookieUserSessionID = "MinifluxUserSessionID"`
Increase session cookies expiration 2017-12-23 01:42:17 +01:00
			`// Cookie duration in days.`
			`cookieDuration = 30`
Session management refactoring 2017-12-17 03:07:53 +01:00			`)`

Increase session cookies expiration 2017-12-23 01:42:17 +01:00			`// New creates a new cookie.`
Add support for base URLs with subfolders 2018-02-04 00:33:17 +01:00			`func New(name, value string, isHTTPS bool, path string) *http.Cookie {`
Session management refactoring 2017-12-17 03:07:53 +01:00			`return &http.Cookie{`
			`Name: name,`
			`Value: value,`
Add support for base URLs with subfolders 2018-02-04 00:33:17 +01:00			`Path: basePath(path),`
Session management refactoring 2017-12-17 03:07:53 +01:00			`Secure: isHTTPS,`
			`HttpOnly: true,`
Increase session cookies expiration 2017-12-23 01:42:17 +01:00			`Expires: time.Now().Add(cookieDuration * 24 * time.Hour),`
Revert "Set SameSite cookie attribute to Strict" This reverts commit 5ac55518abe87ff871942c02c0cf0c536c6035d8. Google Authentication doesn't work when Cookies are using strict mode. 2020-08-11 03:51:40 +02:00			`SameSite: http.SameSiteLaxMode,`
Session management refactoring 2017-12-17 03:07:53 +01:00			`}`
			`}`

			`// Expired returns an expired cookie.`
Add support for base URLs with subfolders 2018-02-04 00:33:17 +01:00			`func Expired(name string, isHTTPS bool, path string) *http.Cookie {`
Session management refactoring 2017-12-17 03:07:53 +01:00			`return &http.Cookie{`
			`Name: name,`
			`Value: "",`
Add support for base URLs with subfolders 2018-02-04 00:33:17 +01:00			`Path: basePath(path),`
Session management refactoring 2017-12-17 03:07:53 +01:00			`Secure: isHTTPS,`
			`HttpOnly: true,`
			`MaxAge: -1,`
			`Expires: time.Date(1970, 1, 1, 0, 0, 0, 0, time.UTC),`
Revert "Set SameSite cookie attribute to Strict" This reverts commit 5ac55518abe87ff871942c02c0cf0c536c6035d8. Google Authentication doesn't work when Cookies are using strict mode. 2020-08-11 03:51:40 +02:00			`SameSite: http.SameSiteLaxMode,`
Session management refactoring 2017-12-17 03:07:53 +01:00			`}`
			`}`
Add support for base URLs with subfolders 2018-02-04 00:33:17 +01:00
			`func basePath(path string) string {`
			`if path == "" {`
			`return "/"`
			`}`
			`return path`
			`}`