internal/sessions: fix cookie clear session (#376)

CookieStore's ClearSession now properly clears the user session cookie by setting MaxAge to -1. internal/sessions: move encoder interface to encoding package, and rename to MarshalUnmarshaler. internal/encoding: move mock to own package authenticate: use INFO log level for authZ error. Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2025-06-25 14:08:09 +02:00 · 2019-11-09 10:49:24 -08:00 · 2019-11-09 10:49:24 -08:00 · b9ab49c32c
commit b9ab49c32c
parent d3d60d1055
19 changed files with 173 additions and 217 deletions
--- a/authenticate/handlers.go
+++ b/authenticate/handlers.go
@ -72,7 +72,7 @@ func (a *Authenticate) VerifySession(next http.Handler) http.Handler {
 		state, err := sessions.FromContext(r.Context())
 		if errors.Is(err, sessions.ErrExpired) {
 			if err := a.refresh(w, r, state); err != nil {
-				log.FromRequest(r).Debug().Str("cause", err.Error()).Msg("authenticate: couldn't refresh session")
+				log.FromRequest(r).Info().Err(err).Msg("authenticate: verify session, refresh")
 				a.redirectToIdentityProvider(w, r)
 				return
 			}
@ -80,7 +80,7 @@ func (a *Authenticate) VerifySession(next http.Handler) http.Handler {
 			http.Redirect(w, r, urlutil.GetAbsoluteURL(r).String(), http.StatusFound)
 			return
 		} else if err != nil {
-			log.FromRequest(r).Err(err).Msg("authenticate: malformed session")
+			log.FromRequest(r).Info().Err(err).Msg("authenticate: verify session")
 			a.redirectToIdentityProvider(w, r)
 			return
 		}