diff options
| author | MHSanaei <ho3ein.sanaei@gmail.com> | 2026-04-20 15:00:18 +0300 |
|---|---|---|
| committer | MHSanaei <ho3ein.sanaei@gmail.com> | 2026-04-20 15:00:18 +0300 |
| commit | c188056f64be268dda8f7c16e23f7ef9c90d014f (patch) | |
| tree | 4494f90a3447f92dbfc6751a5ddcbf34a7f9d26c /web/controller | |
| parent | 0a424a9f160b0193bd8064b94e54aa1bfb9f0de5 (diff) | |
Centralize session options and adjust cookies
Configure session cookie options centrally in initRouter and remove per-login MaxAge handling. Deleted SetMaxAge helper and its use in the login flow; session.Options are now applied once using basePath with HttpOnly and SameSite defaults, and MaxAge is set only when the stored setting is available and >0. Also make CookieManager.setCookie treat exdays as optional (only add expires when provided) and stop using a hardcoded 150-day expiry for the lang cookie in the JS language manager.
Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com>
Diffstat (limited to 'web/controller')
| -rw-r--r-- | web/controller/index.go | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/web/controller/index.go b/web/controller/index.go index dd58e5e5..1325bed5 100644 --- a/web/controller/index.go +++ b/web/controller/index.go @@ -95,12 +95,6 @@ func (a *IndexController) login(c *gin.Context) { logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c)) a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1) - sessionMaxAge, err := a.settingService.GetSessionMaxAge() - if err != nil { - logger.Warning("Unable to get session's max age from DB") - } - - session.SetMaxAge(c, sessionMaxAge*60) session.SetLoginUser(c, user) if err := sessions.Default(c).Save(); err != nil { logger.Warning("Unable to save session: ", err) |