feat: configure session store options for API routes

- Set session cookie path to "/api" - Disable secure flag for local development - Enable HttpOnly flag for improved security
2025-02-11 15:45:24 +08:00
parent 0e89939a12
commit 6acc37cf27
1 changed files with 5 additions and 0 deletions
--- a/main.go
+++ b/main.go
@@ -145,6 +145,11 @@ func main() {
 	middleware.SetUpLogger(server)
 	// Initialize session store
 	store := cookie.NewStore([]byte(common.SessionSecret))
+	store.Options(sessions.Options{
+		Path:     "/api",
+		Secure:   false,
+		HttpOnly: true,
+	})
 	server.Use(sessions.Sessions("session", store))

 	router.SetRouter(server, buildFS, indexPage)