From ea841ab274630cff287a586d9799663a28c708fc Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Wed, 30 Apr 2025 12:18:33 -0600
Subject: refactor: extract Option[T] and cleaner API for creating cookies

---
 app/controllers/sessions/controller.go | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'app/controllers/sessions/controller.go')

diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go
index 5babe7d..ae50e16 100644
--- a/app/controllers/sessions/controller.go
+++ b/app/controllers/sessions/controller.go
@@ -33,10 +33,13 @@ func (c *Controller) New(w http.ResponseWriter, r *http.Request) {
 	}
 
 	url, nonce := c.svc.GenerateRedirectURL()
-	cookie := cookie.New("oauth_state", nonce, time.Now().Add(10*time.Minute))
 	// This cookie must be sent as part of a redirect that originates from the OIDC Provider
-	cookie.SameSite = http.SameSiteLaxMode
-	http.SetCookie(w, cookie)
+	http.SetCookie(w, cookie.New(
+		"oauth_state",
+		nonce,
+		cookie.WithSameSite(http.SameSiteLaxMode),
+		cookie.WithExpiration(time.Now().Add(10*time.Minute)),
+	))
 	http.Redirect(w, r, url, http.StatusFound)
 }
 
@@ -135,7 +138,7 @@ func (c *Controller) Create(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	http.SetCookie(w, cookie.New("session", encoded, tokens.Expiry))
+	http.SetCookie(w, cookie.New("session", encoded, cookie.WithExpiration(tokens.Expiry)))
 	http.Redirect(w, r, "/dashboard", http.StatusFound)
 }
 
-- 
cgit v1.2.3