oadmin/new-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enhance session store security and configuration

Browse Source 
- Add 30-day max age for session cookies
- Enable HttpOnly flag
- Set SameSite to strict mode
This commit is contained in:
1808837298@qq.com
2025-02-11 17:06:51 +08:00
parent bbc1550a9e
commit cb4d40c3c8
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
main.go
View File

@@ -147,7 +147,10 @@ func main() {
store := cookie.NewStore([]byte(common.SessionSecret))
store.Options(sessions.Options{
Path: "/",
MaxAge: 2592000, // 30 days
HttpOnly: true,
Secure: false,
SameSite: http.SameSiteStrictMode,
})
server.Use(sessions.Sessions("session", store))