Asara/sudoscientist-go-backend
Archived
1
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity

make cookies secure

Browse source
This commit is contained in:
Amarpreet Minhas 2019-10-05 22:50:48 -04:00
parent c2802b93ac
commit 5a0875a0ca
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/auth/auth.go
View file

@ -172,9 +172,9 @@ func refresh(w http.ResponseWriter, r *http.Request) {
func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string { func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string {
splitToken := strings.Split(jwt, ".") splitToken := strings.Split(jwt, ".")
dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/", Domain: ".sudoscientist.com", MaxAge: 360, Secure: false} dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/", Domain: ".sudoscientist.com", MaxAge: 360, Secure: true}
http.SetCookie(w, &dataCookie) http.SetCookie(w, &dataCookie)
signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/", Domain: ".sudoscientist.com", MaxAge: 360, Secure: false} signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/", Domain: ".sudoscientist.com", MaxAge: 360, Secure: true}
http.SetCookie(w, &signatureCookie) http.SetCookie(w, &signatureCookie)
return strings.Join(splitToken[:2], ".") return strings.Join(splitToken[:2], ".")
} }