Use session CreatedAt for cookie timings
This commit is contained in:
parent
296d989e58
commit
2c566a5f5b
@ -55,6 +55,10 @@ func NewRedisSessionStore(opts *options.SessionOptions, cookieOpts *options.Cook
|
|||||||
// Save takes a sessions.SessionState and stores the information from it
|
// Save takes a sessions.SessionState and stores the information from it
|
||||||
// to redies, and adds a new ticket cookie on the HTTP response writer
|
// to redies, and adds a new ticket cookie on the HTTP response writer
|
||||||
func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error {
|
func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error {
|
||||||
|
if s.CreatedAt.IsZero() {
|
||||||
|
s.CreatedAt = time.Now()
|
||||||
|
}
|
||||||
|
|
||||||
// Old sessions that we are refreshing would have a request cookie
|
// Old sessions that we are refreshing would have a request cookie
|
||||||
// New sessions don't, so we ignore the error. storeValue will check requestCookie
|
// New sessions don't, so we ignore the error. storeValue will check requestCookie
|
||||||
requestCookie, _ := req.Cookie(store.CookieOptions.CookieName)
|
requestCookie, _ := req.Cookie(store.CookieOptions.CookieName)
|
||||||
@ -73,7 +77,7 @@ func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *se
|
|||||||
ticketString,
|
ticketString,
|
||||||
store.CookieOptions,
|
store.CookieOptions,
|
||||||
store.CookieOptions.CookieExpire,
|
store.CookieOptions.CookieExpire,
|
||||||
time.Now(),
|
s.CreatedAt,
|
||||||
)
|
)
|
||||||
|
|
||||||
http.SetCookie(rw, ticketCookie)
|
http.SetCookie(rw, ticketCookie)
|
||||||
|
Loading…
Reference in New Issue
Block a user