From ed14478d0fd6d80b6ebefc1f97387a71e49c378e Mon Sep 17 00:00:00 2001
From: maniSHarma7575
Date: Sun, 14 Jul 2024 19:35:36 +0530
Subject: [PATCH 1/2] [FEATURE] SetCookie method should be publicly exposed

---
 auth_jwt.go | 63 +++++++++++++++++++++--------------------------------
 1 file changed, 25 insertions(+), 38 deletions(-)

diff --git a/auth_jwt.go b/auth_jwt.go
index 1804494..4ca1809 100644
--- a/auth_jwt.go
+++ b/auth_jwt.go
@@ -517,25 +517,7 @@ func (mw *GinJWTMiddleware) LoginHandler(c *gin.Context) {
 return
 }
 
- // set cookie
- if mw.SendCookie {
- expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
- maxage := int(expireCookie.Unix() - mw.TimeFunc().Unix())
-
- if mw.CookieSameSite != 0 {
- c.SetSameSite(mw.CookieSameSite)
- }
-
- c.SetCookie(
- mw.CookieName,
- tokenString,
- maxage,
- "/",
- mw.CookieDomain,
- mw.SecureCookie,
- mw.CookieHTTPOnly,
- )
- }
+ mw.SetCookie(c, tokenString)
 
 mw.LoginResponse(c, http.StatusOK, tokenString, expire)
 }
@@ -609,25 +591,7 @@ func (mw *GinJWTMiddleware) RefreshToken(c *gin.Context) (string, time.Time, err
 return "", time.Now(), err
 }
 
- // set cookie
- if mw.SendCookie {
- expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
- maxage := int(expireCookie.Unix() - time.Now().Unix())
-
- if mw.CookieSameSite != 0 {
- c.SetSameSite(mw.CookieSameSite)
- }
-
- c.SetCookie(
- mw.CookieName,
- tokenString,
- maxage,
- "/",
- mw.CookieDomain,
- mw.SecureCookie,
- mw.CookieHTTPOnly,
- )
- }
+ mw.SetCookie(c, tokenString)
 
 return tokenString, expire, nil
 }
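Review bot: In the RefreshToken hunk the cookie Max-Age is no longer derived the same way: the removed block subtracted `time.Now().Unix()`, while the shared `mw.SetCookie` subtracts `mw.TimeFunc().Unix()`, so a middleware with a custom TimeFunc now issues a refresh cookie with a different lifetime than before. The commit message only mentions exposing the method, so this lifetime change is worth covering with a test that uses a fixed TimeFunc. The `if mw.SendCookie` guard has also left both call sites (LoginHandler and RefreshToken); a short comment such as `// no-op unless mw.SendCookie is set` above each `mw.SetCookie(c, tokenString)` call would keep that visible. Both functions start outside their hunks.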
@@ -845,3 +809,26 @@ func GetToken(c *gin.Context) string {
 
 return token.(string)
 }
+
+// SetCookie help to set the token in the cookie
+func (mw *GinJWTMiddleware) SetCookie(c *gin.Context, token string) {
+ // set cookie
+ if mw.SendCookie {
+ expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
+ maxage := int(expireCookie.Unix() - mw.TimeFunc().Unix())
+
+ if mw.CookieSameSite != 0 {
+ c.SetSameSite(mw.CookieSameSite)
+ }
+
+ c.SetCookie(
+ mw.CookieName,
+ token,
+ maxage,
+ "/",
+ mw.CookieDomain,
+ mw.SecureCookie,
+ mw.CookieHTTPOnly,
+ )
+ }
+}
From 0d785351fa44255eae997a55fa1bbd75c710212a Mon Sep 17 00:00:00 2001
From: maniSHarma7575
Date: Sun, 14 Jul 2024 19:58:18 +0530
Subject: [PATCH 2/2] TestSetCookie test added to test the functionality of SetCookie method

---
 auth_jwt_test.go | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/auth_jwt_test.go b/auth_jwt_test.go
index b239a3a..1abd564 100644
--- a/auth_jwt_test.go
+++ b/auth_jwt_test.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "log"
 "net/http"
+ "net/http/httptest"
 "os"
 "reflect"
 "strings"
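Review bot: The newly exported `SetCookie` in auth_jwt.go has a contract that its one-line doc comment does not state: it silently does nothing when `mw.SendCookie` is false, it writes whatever string it is given into the auth cookie without checking it, and the Secure, HttpOnly and SameSite attributes come only from the middleware configuration. Because callers can now invoke it outside the login and refresh flows, the comment should say so, e.g. `// SetCookie writes token to the cookie named mw.CookieName when mw.SendCookie is true and is a no-op otherwise; the token is not validated, and Secure/HttpOnly/SameSite follow the middleware configuration.`, and the redundant inner `// set cookie` can go. Separately, `maxage` is computed from two `mw.TimeFunc()` calls, so it can be one second short if the clock ticks between them; `maxage := int(mw.CookieMaxAge / time.Second)` avoids that, assuming nothing relies on the current rounding.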
@@ -1322,3 +1323,39 @@ func TestLogout(t *testing.T) {
 assert.Equal(t, fmt.Sprintf("%s=; Path=/; Domain=%s; Max-Age=0", cookieName, cookieDomain), r.HeaderMap.Get("Set-Cookie"))
 })
 }
+
+func TestSetCookie(t *testing.T) {
+ w := httptest.NewRecorder()
+ c, _ := gin.CreateTestContext(w)
+
+ mw, _ := New(&GinJWTMiddleware{
+ Realm: "test zone",
+ Key: key,
+ Timeout: time.Hour,
+ Authenticator: defaultAuthenticator,
+ SendCookie: true,
+ CookieName: "jwt",
+ CookieMaxAge: time.Hour,
+ CookieDomain: "example.com",
+ SecureCookie: false,
+ CookieHTTPOnly: true,
+ TimeFunc: func() time.Time {
+ return time.Now()
+ },
+ })
+
+ token := makeTokenString("HS384", "admin")
+
+ mw.SetCookie(c, token)
+
+ cookies := w.Result().Cookies()
+
+ assert.Len(t, cookies, 1)
+
+ cookie := cookies[0]
+ assert.Equal(t, "jwt", cookie.Name)
+ assert.Equal(t, token, cookie.Value)
+ assert.Equal(t, "/", cookie.Path)
+ assert.Equal(t, "example.com", cookie.Domain)
+ assert.Equal(t, true, cookie.HttpOnly)
+}
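Review bot: TestSetCookie asserts name, value, path, domain and HttpOnly but never checks `cookie.Secure`, `cookie.MaxAge` or SameSite, and it has no case for `SendCookie: false`, where SetCookie is expected to set nothing. Adding `assert.False(t, cookie.Secure)` and `assert.Equal(t, 3600, cookie.MaxAge)` would pin the first two; the Max-Age assertion needs `TimeFunc` to return a fixed time, because SetCookie calls it twice and with `time.Now()` the result can be 3599. The error from `New` is also discarded with `mw, _ :=`, so a configuration failure would likely surface as a nil-pointer panic rather than a clean test failure; keep the error and add `assert.NoError(t, err)` after the call.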