add cookie after session ceated

Author: isoppp

go.mod

@@ -4,22 +4,20 @@ go 1.17
 
 require (
 	github.com/caarlos0/env/v6 v6.7.1
-	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/friendsofgo/errors v0.9.2
 	github.com/google/uuid v1.3.0
+	github.com/gorilla/securecookie v1.1.1
 	github.com/kat-co/vala v0.0.0-20170210184112-42e1d8b61f12
 	github.com/labstack/echo/v4 v4.5.0
 	github.com/lib/pq v1.10.3
 	github.com/spf13/viper v1.8.1
-	github.com/stretchr/testify v1.7.0
 	github.com/volatiletech/randomize v0.0.1
 	github.com/volatiletech/sqlboiler/v4 v4.6.0
 	github.com/volatiletech/strmangle v0.0.1
 	go.uber.org/zap v1.19.1
 )
 
 require (
-	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fsnotify/fsnotify v1.4.9 // indirect
 	github.com/gofrs/uuid v3.2.0+incompatible // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
@@ -33,7 +31,6 @@ require (
 	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/spf13/afero v1.6.0 // indirect
 	github.com/spf13/cast v1.3.1 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
@@ -53,5 +50,4 @@ require (
 	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
 	gopkg.in/ini.v1 v1.62.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )

go.sum

@@ -82,7 +82,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -183,6 +182,8 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
 github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
 github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
 github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
 github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=

internal/handlers/session.go

@@ -2,8 +2,8 @@ package handlers
 
 import (
 	"context"
-	"errors"
 	"net/http"
+	"sandbox-go-api-sqlboiler-rest-auth/internal/scookie"
 	"sandbox-go-api-sqlboiler-rest-auth/models"
 	"time"
 
@@ -40,20 +40,34 @@ func (h *Handlers) CreateSession(c echo.Context) error {
 		return echo.NewHTTPError(http.StatusBadRequest)
 	}
 
-	var session models.Session
+	var s models.Session
 	var uid, _ = uuid.NewUUID()
-	session.ID = uid.String()
-	session.UserID = u.ID
-	session.ExpiresAt = time.Now().Add(time.Hour * 24 * 30)
-	err = session.Insert(ctx, h.db, boil.Infer())
+	s.ID = uid.String()
+	s.UserID = u.ID
+	s.ExpiresAt = time.Now().Add(time.Hour * 24 * 30)
+	err = s.Insert(ctx, h.db, boil.Infer())
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError)
 	}
 
+	sc := scookie.NewSecureCookie()
+	encoded, err := sc.Encode("session", s.ID)
+	if err != nil {
+		return echo.NewHTTPError(http.StatusInternalServerError)
+	}
+	cookie := &http.Cookie{
+		Name:     "session",
+		Value:    encoded,
+		Path:     "/",
+		Expires:  time.Now().Add(time.Hour * 24 * 30),
+		Secure:   true,
+		HttpOnly: true,
+		SameSite: 2,
+	}
+	c.SetCookie(cookie)
 	return c.NoContent(http.StatusNoContent)
 }
 
 func (h *Handlers) DeleteSession(c echo.Context) error {
-	//ctx := context.Background()
-	return errors.New("not implemented")
+	return c.NoContent(http.StatusNoContent)
 }

internal/scookie/scookie.go

@@ -0,0 +1,10 @@
+package scookie
+
+import (
+	"github.com/gorilla/securecookie"
+)
+
+func NewSecureCookie() *securecookie.SecureCookie {
+	var hashKey = []byte("jkb2kJU4C6ad11DOFElCYMhtF8kvw75n")
+	return securecookie.New(hashKey, nil)
+}