From 6acc37cf2737cbbf802fcbffb3ed6f37e423e9c2 Mon Sep 17 00:00:00 2001
From: "1808837298@qq.com" <1808837298@qq.com>
Date: Tue, 11 Feb 2025 15:45:24 +0800
Subject: [PATCH] feat: configure session store options for API routes

- Set session cookie path to "/api"
- Disable secure flag for local development
- Enable HttpOnly flag for improved security
---
 main.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/main.go b/main.go
index cf1b8be3..e309d509 100644
--- a/main.go
+++ b/main.go
@@ -145,6 +145,11 @@ func main() {
 	middleware.SetUpLogger(server)
 	// Initialize session store
 	store := cookie.NewStore([]byte(common.SessionSecret))
+	store.Options(sessions.Options{
+		Path:     "/api",
+		Secure:   false,
+		HttpOnly: true,
+	})
 	server.Use(sessions.Sessions("session", store))
 
 	router.SetRouter(server, buildFS, indexPage)