Documentation
¶
Overview ¶
Package cookie provides utilities for setting and clearing HTTP cookies with secure defaults appropriate for authentication and session management.
Index ¶
- func Clear(w http.ResponseWriter, name string)
- func ClearLiveTemplateSession(w http.ResponseWriter)
- func ClearSecure(w http.ResponseWriter, name string)
- func Get(r *http.Request, name string) string
- func IsSecure(r *http.Request) bool
- func Set(w http.ResponseWriter, name, value string, maxAge int)
- func SetSecure(w http.ResponseWriter, name, value string, maxAge int)
- func SetSession(w http.ResponseWriter, r *http.Request, name, value string, maxAgeDays int)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Clear ¶
func Clear(w http.ResponseWriter, name string)
Clear clears a cookie by setting MaxAge to -1.
Example:
cookie.Clear(w, "session")
func ClearLiveTemplateSession ¶
func ClearLiveTemplateSession(w http.ResponseWriter)
ClearLiveTemplateSession clears the LiveTemplate session cookie. This forces a fresh session state on the next page load, which is necessary after logout to ensure the home page shows the correct logged-out state.
Example:
// In logout handler cookie.Clear(w, "users_token") cookie.ClearLiveTemplateSession(w) http.Redirect(w, r, "/", http.StatusSeeOther)
func ClearSecure ¶
func ClearSecure(w http.ResponseWriter, name string)
ClearSecure clears a secure cookie by setting MaxAge to -1. Matches the attributes used by SetSecure.
Example:
cookie.ClearSecure(w, "session")
func Get ¶
Get retrieves a cookie value by name. Returns empty string if cookie doesn't exist.
Example:
token := cookie.Get(r, "session")
if token == "" {
// Not logged in
}
func IsSecure ¶
IsSecure returns true if the request is over HTTPS. It checks both the URL scheme and common proxy headers.
func Set ¶
func Set(w http.ResponseWriter, name, value string, maxAge int)
Set sets a cookie with secure defaults. Uses HttpOnly and SameSite=Lax for security.
Example:
cookie.Set(w, "preference", "dark", 86400) // 1 day
func SetSecure ¶
func SetSecure(w http.ResponseWriter, name, value string, maxAge int)
SetSecure sets a cookie with strict security settings. Uses HttpOnly, Secure, and SameSite=Strict. Use this for sensitive cookies like session tokens.
Example:
cookie.SetSecure(w, "session", token, 30*24*60*60) // 30 days
func SetSession ¶
SetSession sets a session cookie with strict security settings. The maxAgeDays parameter specifies how long the session should last. Uses HttpOnly and SameSite=Strict for authentication cookies. The Secure flag is automatically set based on the request protocol.
Example:
cookie.SetSession(w, r, "users_token", token, 30) // 30 days
Types ¶
This section is empty.