Make session cookie HttpOnly and Secure

This commit is contained in:
Maximilian 2022-11-01 17:59:18 -05:00
parent 967e918df1
commit 92529640d6

View File

@ -122,10 +122,12 @@ func createSessionCookie(app *app.App, w http.ResponseWriter, username string) (
// Create session cookie, containing token
cookie := &http.Cookie{
Name: "session",
Value: token,
Path: "/",
MaxAge: 86400,
Name: "session",
Value: token,
Path: "/",
MaxAge: 86400,
HttpOnly: true,
Secure: true,
}
http.SetCookie(w, cookie)