refactor: Provided an Option to Set Cookie using *GinJWTMiddleware (#335

) * [FEATURE] SetCookie method should be publicly exposed * TestSetCookie test added to test the functionality of SetCookie method
appleboy · Jul 14, 2024 · d36b890 · d36b890
1 parent 4339e81
commit d36b890
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 38 deletions.
diff --git a/auth_jwt.go b/auth_jwt.go
@@ -517,25 +517,7 @@ func (mw *GinJWTMiddleware) LoginHandler(c *gin.Context) {
 		return
 	}
 
-	// set cookie
-	if mw.SendCookie {
-		expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
-		maxage := int(expireCookie.Unix() - mw.TimeFunc().Unix())
-
-		if mw.CookieSameSite != 0 {
-			c.SetSameSite(mw.CookieSameSite)
-		}
-
-		c.SetCookie(
-			mw.CookieName,
-			tokenString,
-			maxage,
-			"/",
-			mw.CookieDomain,
-			mw.SecureCookie,
-			mw.CookieHTTPOnly,
-		)
-	}
+	mw.SetCookie(c, tokenString)
 
 	mw.LoginResponse(c, http.StatusOK, tokenString, expire)
 }
@@ -609,25 +591,7 @@ func (mw *GinJWTMiddleware) RefreshToken(c *gin.Context) (string, time.Time, err
 		return "", time.Now(), err
 	}
 
-	// set cookie
-	if mw.SendCookie {
-		expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
-		maxage := int(expireCookie.Unix() - time.Now().Unix())
-
-		if mw.CookieSameSite != 0 {
-			c.SetSameSite(mw.CookieSameSite)
-		}
-
-		c.SetCookie(
-			mw.CookieName,
-			tokenString,
-			maxage,
-			"/",
-			mw.CookieDomain,
-			mw.SecureCookie,
-			mw.CookieHTTPOnly,
-		)
-	}
+	mw.SetCookie(c, tokenString)
 
 	return tokenString, expire, nil
 }
@@ -845,3 +809,26 @@ func GetToken(c *gin.Context) string {
 
 	return token.(string)
 }
+
+// SetCookie help to set the token in the cookie
+func (mw *GinJWTMiddleware) SetCookie(c *gin.Context, token string) {
+	// set cookie
+	if mw.SendCookie {
+		expireCookie := mw.TimeFunc().Add(mw.CookieMaxAge)
+		maxage := int(expireCookie.Unix() - mw.TimeFunc().Unix())
+
+		if mw.CookieSameSite != 0 {
+			c.SetSameSite(mw.CookieSameSite)
+		}
+
+		c.SetCookie(
+			mw.CookieName,
+			token,
+			maxage,
+			"/",
+			mw.CookieDomain,
+			mw.SecureCookie,
+			mw.CookieHTTPOnly,
+		)
+	}
+}
diff --git a/auth_jwt_test.go b/auth_jwt_test.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"log"
 	"net/http"
+	"net/http/httptest"
 	"os"
 	"reflect"
 	"strings"
@@ -1322,3 +1323,39 @@ func TestLogout(t *testing.T) {
 			assert.Equal(t, fmt.Sprintf("%s=; Path=/; Domain=%s; Max-Age=0", cookieName, cookieDomain), r.HeaderMap.Get("Set-Cookie"))
 		})
 }
+
+func TestSetCookie(t *testing.T) {
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+
+	mw, _ := New(&GinJWTMiddleware{
+		Realm:          "test zone",
+		Key:            key,
+		Timeout:        time.Hour,
+		Authenticator:  defaultAuthenticator,
+		SendCookie:     true,
+		CookieName:     "jwt",
+		CookieMaxAge:   time.Hour,
+		CookieDomain:   "example.com",
+		SecureCookie:   false,
+		CookieHTTPOnly: true,
+		TimeFunc: func() time.Time {
+			return time.Now()
+		},
+	})
+
+	token := makeTokenString("HS384", "admin")
+
+	mw.SetCookie(c, token)
+
+	cookies := w.Result().Cookies()
+
+	assert.Len(t, cookies, 1)
+
+	cookie := cookies[0]
+	assert.Equal(t, "jwt", cookie.Name)
+	assert.Equal(t, token, cookie.Value)
+	assert.Equal(t, "/", cookie.Path)
+	assert.Equal(t, "example.com", cookie.Domain)
+	assert.Equal(t, true, cookie.HttpOnly)
+}