From 5f69ae9380bd9ceba80027a737b6b27f9bb8a158 Mon Sep 17 00:00:00 2001
From: Ludvig Lundgren
Date: Sun, 22 Aug 2021 15:31:20 +0200
Subject: [PATCH] feat: add secure flags to cookie (#17)
---
 internal/http/auth.go | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/internal/http/auth.go b/internal/http/auth.go
index 9ea8130..f3b5e0c 100644
--- a/internal/http/auth.go
+++ b/internal/http/auth.go
@@ -44,6 +44,9 @@ func (h authHandler) login(w http.ResponseWriter, r *http.Request) {
 return
 }
+ store.Options.Secure = true
+ store.Options.HttpOnly = true
+ store.Options.SameSite = http.SameSiteStrictMode
 session, _ := store.Get(r, "user_session")
 _, err := h.authService.Login(data.Username, data.Password)
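Review bot: The three `store.Options.*` assignments run inside `login` on every request, but `store` is declared outside this hunk and looks like a shared session store, so concurrent logins write the same fields unsynchronised. It also means any other handler that saves the session before the first login (logout, a session check) may still issue the cookie without these attributes. I would move `store.Options.Secure = true`, `store.Options.HttpOnly = true` and `store.Options.SameSite = http.SameSiteStrictMode` to the place where `store` is constructed, so every path gets the same cookie policy. Separately, with `Secure` forced on, a browser will not send the cookie back over plain HTTP, so the TLS requirement should be documented or the flag driven by configuration. The body of `login` continues past the end of the hunk.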