Fixing cookie

author: =Corey Hulen <corey@hulen.com> 2016-04-28 17:03:52 -0700
committer: =Corey Hulen <corey@hulen.com> 2016-04-28 17:03:52 -0700
commit: ad9dfc9c42b6597515d9eb0a96e9f069372dffdd (patch)
tree: 33c56608590b5c727531b2224a5bc2ac13e437dc /api
parent: 9fecf96d3bf49e7c10cff58f656eabf829c83167 (diff)
download: chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.tar.gz
chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.tar.bz2
chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/api/user.go b/api/user.go
index b905fb639..0962b7cbc 100644
--- a/api/user.go
+++ b/api/user.go
@@ -711,6 +711,11 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 
 	w.Header().Set(model.HEADER_TOKEN, session.Token)
 
+	secure := false
+	if GetProtocol(r) == "https" {
+		secure := true
+	}
+
 	expiresAt := time.Unix(model.GetMillis()/1000+int64(maxAge), 0)
 	sessionCookie := &http.Cookie{
 		Name:     model.SESSION_COOKIE_TOKEN,
@@ -719,6 +724,7 @@ func Login(c *Context, w http.ResponseWriter, r *http.Request, user *model.User,
 		MaxAge:   maxAge,
 		Expires:  expiresAt,
 		HttpOnly: true,
+		Secure:   secure,
 	}
 
 	http.SetCookie(w, sessionCookie)
author	=Corey Hulen <corey@hulen.com>	2016-04-28 17:03:52 -0700
committer	=Corey Hulen <corey@hulen.com>	2016-04-28 17:03:52 -0700
commit	ad9dfc9c42b6597515d9eb0a96e9f069372dffdd (patch)
tree	33c56608590b5c727531b2224a5bc2ac13e437dc /api
parent	9fecf96d3bf49e7c10cff58f656eabf829c83167 (diff)
download	chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.tar.gz chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.tar.bz2 chat-ad9dfc9c42b6597515d9eb0a96e9f069372dffdd.zip