Merge pull request #7 from shebinleo/master

Support for samesite attribute of the cookie
go-session · Jul 31, 2021 · 77451f6 · 77451f6
2 parents 9d567cb + 40e7c53
commit 77451f6
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/session.go b/session.go
@@ -30,6 +30,7 @@ var defaultOptions = options{
 	cookieLifeTime: 3600 * 24 * 7,
 	expired:        7200,
 	secure:         true,
+	sameSite:       http.SameSiteDefaultMode,
 	sessionID: func(_ context.Context) string {
 		return newUUID()
 	},
@@ -43,6 +44,7 @@ type options struct {
 	cookieLifeTime          int
 	secure                  bool
 	domain                  string
+	sameSite                http.SameSite
 	expired                 int64
 	sessionID               IDHandlerFunc
 	enableSetCookie         bool
@@ -90,6 +92,13 @@ func SetSecure(secure bool) Option {
 	}
 }
 
+// SetSameSite Set SameSite attribute of the cookie
+func SetSameSite(sameSite http.SameSite) Option {
+	return func(o *options) {
+		o.sameSite = sameSite
+	}
+}
+
 // SetExpired Set session expiration time (in seconds)
 func SetExpired(expired int64) Option {
 	return func(o *options) {
@@ -261,6 +270,7 @@ func (m *Manager) setCookie(sessionID string, w http.ResponseWriter, r *http.Req
 			HttpOnly: true,
 			Secure:   m.isSecure(r),
 			Domain:   m.opts.domain,
+			SameSite: m.opts.sameSite,
 		}
 
 		if v := m.opts.cookieLifeTime; v > 0 {