Commit 0aea9bf

allow setting cookie max age
In some settings 'session cookies' are not preferred, since they can be very long lived. This allows setting the cookie max age to auto-expire cookies.
1 parent 1297bc0 commit 0aea9bf

3 files changed: +10 -1 lines changed
README.md

Lines changed: 1 addition & 0 deletions
@@ -170,6 +170,7 @@ All settings are configured through environment variables.
170170
* `SESSION_COOKIE_SECURE`: Set SECURE flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie))
171171
* `SESSION_COOKIE_HTTP_ONLY`: Set HTTP_ONLY flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)), on by default.
172172
* `SESSION_COOKIE_SAME_SITE`: Set SAME_SITE flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)), "Lax" by default unless `DEFAULT_ACCESS_CONTROL_ALLOW_ORIGIN_HEADER` is "*" then "None" by default. This means the cookie is available only on your site unless you've also set the CORS header.
173+
* `SESSION_COOKIE_MAX_AGE`: Set the number of seconds until the cookie expires. By default this is not set and the cookie is a [session cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#expiresdate).
173174
* `IDLE_TIMEOUT`: the amount of time (in ms) that idle requests will be kept open (see [`idle_timeout` in the Cowboy docs](https://ninenines.eu/docs/en/cowboy/2.5/manual/cowboy_http/))
174175
* `OVERRIDE_VARY_HEADER`: EXPERIMENTAL When set, the [`Vary` header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Vary) is overriden with the specified variable, regardless of what the backend provides.
175176
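Review bot: The new `SESSION_COOKIE_MAX_AGE` entry does not say what form the value must take, and it sits directly above `IDLE_TIMEOUT`, which is documented in ms while this one is in seconds. State that the value must be a plain positive integer (for example `3600`), and call out the unit difference so an operator does not copy a millisecond value into it. It would also help to say what happens when the variable is set but empty, since the entry only describes the unset case.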

config/config.exs

Lines changed: 1 addition & 0 deletions
@@ -49,6 +49,7 @@ config :mu_identifier,
4949
default_access_control_allow_origin_header:
5050
System.get_env("DEFAULT_ACCESS_CONTROL_ALLOW_ORIGIN_HEADER"),
5151
default_mu_auth_allowed_groups_header: System.get_env("DEFAULT_MU_AUTH_ALLOWED_GROUPS_HEADER"),
52+
session_cookie_max_age: System.get_env("SESSION_COOKIE_MAX_AGE"),
5253
session_cookie_secure: CH.system_boolean("SESSION_COOKIE_SECURE", false),
5354
session_cookie_http_only: CH.system_boolean("SESSION_COOKIE_HTTP_ONLY", true),
5455
session_cookie_same_site: CH.calculate_same_site(),
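Review bot: `session_cookie_max_age` is stored as the raw string from `System.get_env("SESSION_COOKIE_MAX_AGE")`, while the neighbouring cookie settings are parsed at config time through `CH.system_boolean` and `CH.calculate_same_site`. Consider parsing and validating the integer here (a small helper alongside the existing `CH` functions would fit), so a malformed value fails once at configuration load and the application environment holds an integer or nil rather than an unchecked string. Note that a variable that is exported but empty yields `""`, not nil, so it will not be treated as "not set".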

lib/proxy.ex

Lines changed: 8 additions & 1 deletion
@@ -63,11 +63,18 @@ defmodule Proxy do
6363
end
6464

6565
def opts_from_environment do
66-
[
66+
base_opts = [
6767
secure: Application.get_env(:mu_identifier, :session_cookie_secure),
6868
http_only: Application.get_env(:mu_identifier, :session_cookie_http_only),
6969
same_site: Application.get_env(:mu_identifier, :session_cookie_same_site)
7070
]
71+
72+
max_age = Application.get_env(:mu_identifier, :session_cookie_max_age)
73+
74+
case max_age do
75+
nil -> base_opts
76+
age -> base_opts ++ [max_age: String.to_integer(age)]
77+
end
7178
end
7279

7380
end
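Review bot: The `age -> base_opts ++ [max_age: String.to_integer(age)]` branch has no validation: `String.to_integer/1` raises `ArgumentError` for anything that is not a bare integer, including `""`, `"3600s"` or a value with surrounding whitespace, and the `case` only special-cases nil, so an empty environment variable reaches it. It also accepts zero and negative numbers, which make the browser expire the session cookie immediately. Suggest using `Integer.parse/1`, matching only `{n, ""} when n > 0`, and either falling back to `base_opts` with a logged warning or failing with a clear message that names `SESSION_COOKIE_MAX_AGE`.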