Use SetCookie function
authorr <r@freesoftwareextremist.com>
Sun, 29 Dec 2019 05:59:31 +0000 (05:59 +0000)
committerr <r@freesoftwareextremist.com>
Sun, 29 Dec 2019 05:59:31 +0000 (05:59 +0000)
service/transport.go

index 20d96a58df024ba6fd1d5009008277b6e02bd4d2..bbf1f063c78f7892e43f59ccf3501b45de6b4ced 100644 (file)
@@ -2,11 +2,11 @@ package service
 
 import (
        "context"
-       "fmt"
        "mime/multipart"
        "net/http"
        "path"
        "strconv"
+       "time"
        "web/model"
 
        "github.com/gorilla/mux"
@@ -45,13 +45,18 @@ func NewHandler(s Service, staticDir string) http.Handler {
 
        r.HandleFunc("/signin", func(w http.ResponseWriter, req *http.Request) {
                instance := req.FormValue("instance")
-               url, sessionId, err := s.GetAuthUrl(ctx, instance)
+               url, sessionID, err := s.GetAuthUrl(ctx, instance)
                if err != nil {
                        s.ServeErrorPage(ctx, w, err)
                        return
                }
 
-               w.Header().Add("Set-Cookie", fmt.Sprintf("session_id=%s;max-age=%s", sessionId, cookieAge))
+               http.SetCookie(w, &http.Cookie{
+                       Name:     "session_id",
+                       Value:    sessionID,
+                       Expires:  time.Now().Add(365 * 24 * time.Hour),
+               })
+
                w.Header().Add("Location", url)
                w.WriteHeader(http.StatusFound)
        }).Methods(http.MethodPost)
@@ -366,7 +371,11 @@ func NewHandler(s Service, staticDir string) http.Handler {
 
        r.HandleFunc("/signout", func(w http.ResponseWriter, req *http.Request) {
                // TODO remove session from database
-               w.Header().Add("Set-Cookie", fmt.Sprintf("session_id=;max-age=0"))
+               http.SetCookie(w, &http.Cookie{
+                       Name:     "session_id",
+                       Value:    "",
+                       Expires:  time.Now(),
+               })
                w.Header().Add("Location", "/")
                w.WriteHeader(http.StatusFound)
        }).Methods(http.MethodGet)