-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add cookie attributes in Web.Session.set
#566
Comments
hey @Favo02! exposing those parameters would make sense! the main reason that we haven't done that yet, is that the defaults worked for our uses cases. if you want to give it a shot, we'd appreciate a pr! |
The PR needs to wait a bit because the function |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, thanks for the incredibly useful library!
I am developing a REST API, the authorization is managed using signed cookies with the
Web.Sessions
module.The
set
cookie function accepts as optional parameters only?cookie_key
and?secret
.I noticed that the underlying
Opium.Response.add_cookie_or_replace
offers a bigger API, with?expires
,?same_site
,?secure
and?http_only
parameters, which are all very useful (and important for security reasons) while building apps that uses cookies. Is there any particular reason for "hiding" them?I ended up using directly
Opium.Response.add_cookie_or_replace
to set cookies andWeb.Sessions.find
to read them, which is inconvenient. I think that a few more optional parameters to theWeb.Sessions.set
function (which would be passed directly to theOpium
call) would be really helpful, if needed I can create a PR.The text was updated successfully, but these errors were encountered: