package sessions import ( "net/http" gsessions "github.com/gorilla/sessions" ) // Options stores configuration for a session or session store. // Fields are a subset of http.Cookie fields. type Options struct { Path string Domain string // MaxAge=0 means no 'Max-Age' attribute specified. // MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'. // MaxAge>0 means Max-Age attribute present and given in seconds. MaxAge int Secure bool HttpOnly bool // rfc-draft to preventing CSRF: https://tools.ietf.org/html/draft-west-first-party-cookies-07 // refer: https://godoc.org/net/http // https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ SameSite http.SameSite } func (options Options) ToGorillaOptions() *gsessions.Options { return &gsessions.Options{ Path: options.Path, Domain: options.Domain, MaxAge: options.MaxAge, Secure: options.Secure, HttpOnly: options.HttpOnly, SameSite: options.SameSite, } }