search

go-session / session

A efficient, safely and easy-to-use session library for Go.
https://godoc.org/github.com/go-session/session
MIT License
218 stars 40 forks source link

func (m *Manager) Destroy(ctx context.Conetxt,.....) doesn' work. #19

Open qkrgksqkr opened 1 year ago

qkrgksqkr commented 1 year ago

I set session with init manager setting domain option. it is sub domain.

manager := session.NewManager(
    session.SetCookieName(...),
    session.SetCookieLifeTime(...),
    session.SetExpired(int64(...)),
    session.SetStore(...),
    session.SetSessionID(...),
    session.SetDomain(*.testdomain.com),
)

And, When I destroy session call function 'Destroy(..)' It dosen't work. It still exists that cookie however in server side , that cookie (= session) is removed.

Maybe I think it beacuase of this below logic

// Destroy a session func (m Manager) Destroy(ctx context.Context, w http.ResponseWriter, r http.Request) error { ......

**if m.opts.enableSetCookie {
    cookie := &http.Cookie{
        Name:     m.opts.cookieName,
        Path:     "/",
        HttpOnly: true,
        Expires:  time.Now(),
        MaxAge:   -1,
    }**

......

I think, It need to append 'Domain: m.opts.cookieName,'

please check this issue.

thank you.