Diffstat (limited to 'config/cookies.cr')
-rw-r--r--config/cookies.cr25
1 files changed, 25 insertions, 0 deletions
diff --git a/config/cookies.cr b/config/cookies.cr
new file mode 100644
index 0000000..8db93eb
--- /dev/null
+++ b/config/cookies.cr
@@ -0,0 +1,25 @@
+require "./server"
+
+Lucky::Session.configure do |settings|
+ settings.key = "_diskfloppydotme_session"
+end
+
+Lucky::CookieJar.configure do |settings|
+ settings.on_set = ->(cookie : HTTP::Cookie) {
+ # If ForceSSLHandler is enabled, only send cookies over HTTPS
+ cookie.secure(Lucky::ForceSSLHandler.settings.enabled)
+
+ # By default, don't allow reading cookies with JavaScript
+ cookie.http_only(true)
+
+ # Restrict cookies to a first-party or same-site context
+ cookie.samesite(:lax)
+
+ # Set all cookies to the root path by default
+ cookie.path("/")
+
+ # You can set other defaults for cookies here. For example:
+ #
+ # cookie.expires(1.year.from_now).domain("mydomain.com")
+ }
+end
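Review bot: The Secure attribute set by `cookie.secure(Lucky::ForceSSLHandler.settings.enabled)` depends on a setting this file does not show, so a deployment where ForceSSLHandler is off (for example when TLS is terminated at a proxy in front of the app) would issue the `_diskfloppydotme_session` cookie without Secure. That setting is presumably defined in the `./server` config required on the first line; confirm it is enabled for production, or make the flag unconditional in that environment. A comment above the call would make the dependency visible: `# NOTE: Secure follows ForceSSLHandler.settings.enabled; it must be true in production or session cookies can travel over plain HTTP`. Separately, the commented example ending in `.domain("mydomain.com")` would widen cookie scope to every subdomain if uncommented, and that comment should say so.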