Use / as the default auth cookie path.

author: T <t@tjp.lol> 2025-07-12 15:23:48 -0600
committer: T <t@tjp.lol> 2025-07-19 13:47:09 -0600
commit: 52e03c2658c376b452871e16eda65a2ca4243458 (patch)
tree: c50f0d182a0d3cca60b93120135440012f9d87f2 /auth.go
parent: caf5bb2ee84079365996a622ab8fc5ed510ef9a7 (diff)
1 files changed, 10 insertions, 3 deletions
diff --git a/auth.go b/auth.go
index ac1fc57..984d614 100644
--- a/auth.go
+++ b/auth.go
@@ -42,6 +42,13 @@ type AuthConfig[T any] struct {
 	MaxAge time.Duration
 }
 
+func (ac AuthConfig[T]) urlPath() string {
+	if ac.URLPath == "" {
+		return "/"
+	}
+	return ac.URLPath
+}
+
 // SerDes defines the interface for serializing and deserializing authentication data.
 //
 // Implementations must handle conversion between type T and byte streams.
@@ -139,7 +146,7 @@ func (a Auth[T]) Set(w http.ResponseWriter, data T) error {
 	cookie := &http.Cookie{
 		Name:     a.config.CookieName,
 		Value:    a.enc.Encrypt(buf.Bytes()),
-		Path:     a.config.URLPath,
+		Path:     a.config.urlPath(),
 		Domain:   a.config.URLDomain,
 		MaxAge:   int(a.config.MaxAge / time.Second),
 		Secure:   a.config.HTTPSOnly,
@@ -193,11 +200,11 @@ func removeSetCookieHeaders(w http.ResponseWriter, cookieName string) {
 func (a Auth[T]) Clear(w http.ResponseWriter) {
 	// Remove any existing Set-Cookie headers for this cookie name
 	removeSetCookieHeaders(w, a.config.CookieName)
-	
+
 	cookie := &http.Cookie{
 		Name:     a.config.CookieName,
 		Value:    "",
-		Path:     a.config.URLPath,
+		Path:     a.config.urlPath(),
 		Domain:   a.config.URLDomain,
 		MaxAge:   -1,
 		Secure:   a.config.HTTPSOnly,
author	T <t@tjp.lol>	2025-07-12 15:23:48 -0600
committer	T <t@tjp.lol>	2025-07-19 13:47:09 -0600
commit	52e03c2658c376b452871e16eda65a2ca4243458 (patch)
tree	c50f0d182a0d3cca60b93120135440012f9d87f2 /auth.go
parent	caf5bb2ee84079365996a622ab8fc5ed510ef9a7 (diff)