grafana/pkg/middleware/cookie.go

package middleware

import (
	"net/http"

	"github.com/grafana/grafana/pkg/setting"
)

type CookieOptions struct {
	Path     string
	Secure   bool
	SameSite http.SameSite
}

func newCookieOptions() CookieOptions {
	return CookieOptions{
		Path:     setting.AppSubUrl + "/",
		Secure:   setting.CookieSecure,
		SameSite: setting.CookieSameSite,
	}
}

type GetCookieOptionsFunc func() CookieOptions

func DeleteCookie(w http.ResponseWriter, name string, getCookieOptionsFunc GetCookieOptionsFunc) {
	WriteCookie(w, name, "", -1, getCookieOptionsFunc)
}

func WriteCookie(w http.ResponseWriter, name string, value string, maxAge int, getCookieOptionsFunc GetCookieOptionsFunc) {
	options := getCookieOptionsFunc()
	cookie := http.Cookie{
		Name:     name,
		MaxAge:   maxAge,
		Value:    value,
		HttpOnly: true,
		Path:     options.Path,
		Secure:   options.Secure,
	}
	if options.SameSite != http.SameSiteDefaultMode {
		cookie.SameSite = options.SameSite
	}
	http.SetCookie(w, &cookie)
}