Exemple #1
0
// NewCookieStore returns a new CookieStore.
//
// Keys are defined in pairs to allow key rotation, but the common case is
// to set a single authentication key and optionally an encryption key.
//
// The first key in a pair is used for authentication and the second for
// encryption. The encryption key can be set to nil or omitted in the last
// pair, but the authentication key is required in all pairs.
//
// It is recommended to use an authentication key with 32 or 64 bytes.
// The encryption key, if set, must be either 16, 24, or 32 bytes to select
// AES-128, AES-192, or AES-256 modes.
//
// Use the convenience function securecookie.GenerateRandomKey() to create
// strong keys.
func NewCookieStore(keyPairs ...[]byte) *CookieStore {
	return &CookieStore{
		Codecs: securecookie.CodecsFromPairs(keyPairs...),
		Options: &Options{
			Path:   "/",
			MaxAge: 86400 * 30,
		},
	}
}
Exemple #2
0
// NewFilesystemStore returns a new FilesystemStore.
//
// The path argument is the directory where sessions will be saved. If empty
// it will use os.TempDir().
//
// See NewCookieStore() for a description of the other parameters.
func NewFilesystemStore(path string, keyPairs ...[]byte) *FilesystemStore {
	if path == "" {
		path = os.TempDir()
	}
	if path[len(path)-1] != '/' {
		path += "/"
	}
	return &FilesystemStore{
		Codecs: securecookie.CodecsFromPairs(keyPairs...),
		Options: &Options{
			Path:   "/",
			MaxAge: 86400 * 30,
		},
		path: path,
	}
}
Exemple #3
0
package app

import (
	"net/http"
	"time"

	"securecookie"
)

const (
	flashKey string = "_flash"
)

var codecs = securecookie.CodecsFromPairs(kHashKey, kBlockKey)

// Subset of http://golang.org/pkg/net/http/#Cookie.
type CookieOptions struct {
	MaxAge int
}

func SetCookie(name string, value interface{}, options *CookieOptions, w http.ResponseWriter) error {
	encoded, err := securecookie.EncodeMulti(name, value, codecs...)
	if err != nil {
		return err
	}

	// NOTE(sadovsky): If path is not "/", Chrome will not set cookies on a 302
	// redirect.
	cookie := &http.Cookie{
		Name:     name,
		Value:    encoded,