this repo has no description
back(auth): rename auth cookie
+3
-3
+1
-1
backend/internal/handlers/auth.go
+1
-1
backend/internal/handlers/auth.go
···
31
31
return
32
32
}
33
33
34
-
w.Header().Set("Set-Cookie", fmt.Sprintf("token=%s; HttpOnly; Secure; SameSite=Strict", token))
34
+
w.Header().Set("Set-Cookie", fmt.Sprintf("session=%s; HttpOnly; Secure; SameSite=Lax; Max-Age=%d", token, 7*24*60*60))
35
35
w.WriteHeader(http.StatusOK)
36
36
}
37
37
+2
-2
backend/internal/middlewares/auth.go
+2
-2
backend/internal/middlewares/auth.go
···
21
21
22
22
func (m *AuthMiddleware) RequireAuth(next http.Handler) http.Handler {
23
23
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
24
-
token, err := r.Cookie("token")
24
+
token, err := r.Cookie("session")
25
25
if err != nil {
26
26
http.Error(w, "missing authorization header", http.StatusUnauthorized)
27
27
return
···
29
29
30
30
userId, err := m.session.GetUserFromSession(token.Value)
31
31
if err != nil {
32
-
w.Header().Set("Set-Cookie", "id=token; Max-Age=0")
32
+
w.Header().Set("Set-Cookie", "session=; Max-Age=0")
33
33
http.Error(w, "invalid token", http.StatusUnauthorized)
34
34
return
35
35
}