signedcookie

package

v0.82.0 Latest Latest Go to latest Published: Jan 2, 2026 License: BSD-3-Clause Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vormadev/vorma

Links

Open Source Insights

Documentation ¶

Overview ¶

Package signedcookie provides a secure cookie manager for Go web applications.

Index ¶

Constants
type BaseCookie
type Manager
- func NewManager(secrets keyset.RootSecrets) (*Manager, error)
type SignedCookie

Constants ¶

View Source

const SecretSize = 32 // SecretSize is the size, in bytes, of a cookie secret.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type BaseCookie ¶

type BaseCookie = http.Cookie

BaseCookie is a type alias for http.Cookie. It is used for providing and overriding default cookie settings. Note that the Name, HttpOnly, and Secure fields are ignored. The expires field is not ignored, but it will be overridden by an explicitly set TTL.

type Manager ¶

type Manager struct {
	// contains filtered or unexported fields
}

Manager handles the creation, signing, and verification of secure cookies.

func NewManager ¶

func NewManager(secrets keyset.RootSecrets) (*Manager, error)

NewManager creates a new Manager instance with the provided secrets. It returns an error if no secrets are provided or if any secret is invalid.

func (Manager) NewDeletionCookie ¶

func (m Manager) NewDeletionCookie(cookie http.Cookie) *http.Cookie

NewDeletionCookie creates a new cookie that will delete the specified cookie when sent to the client.

func (Manager) SignCookie ¶

func (m Manager) SignCookie(unsignedCookie *http.Cookie, encrypt bool) error

SignCookie retrieves the value of the provided cookie, signs it, and replaces the value with the signed value. If encrypt is true, the value will be encrypted before signing.

func (Manager) VerifyAndReadCookieValue ¶

func (m Manager) VerifyAndReadCookieValue(r *http.Request, key string) (string, error)

VerifyAndReadCookieValue retrieves and verifies the value of a signed cookie. It returns an error if the cookie is not found or is invalid.

type SignedCookie ¶

type SignedCookie[T any] struct {
	Manager    *Manager
	TTL        time.Duration
	BaseCookie BaseCookie
	Encrypt    bool
}

SignedCookie provides methods for working with signed cookies of a specific type T. If Encrypt is true, the cookie value will be encrypted before signing and decrypted after a successful verification.

func (*SignedCookie[T]) NewDeletionCookie ¶

func (sc *SignedCookie[T]) NewDeletionCookie() *http.Cookie

NewDeletionCookie creates a new cookie that will delete the current cookie when sent to the client.

func (*SignedCookie[T]) NewSignedCookie ¶

func (sc *SignedCookie[T]) NewSignedCookie(unsignedValue T, overrideBaseCookie *BaseCookie) (*http.Cookie, error)

NewSignedCookie creates a new signed cookie with the provided value and optional override settings.

func (*SignedCookie[T]) VerifyAndReadCookieValue ¶

func (sc *SignedCookie[T]) VerifyAndReadCookieValue(r *http.Request) (T, error)

VerifyAndReadCookieValue retrieves and verifies the value of the signed cookie from the request. It returns the decoded value of type T or an error if retrieval or verification fails.

Source Files ¶

View all Source files

signedcookie.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL