Use / as the default auth cookie path.HEAD main

author: T <t@tjp.lol> 2025-07-12 15:23:48 -0600
committer: T <t@tjp.lol> 2025-07-12 15:37:10 -0600
commit: 9f62e09c88c1ef8b237ab5d7e4d8791fcf4fae8f (patch)
tree: b53a5b7a29882ddb0d6417f074c474b577ed8931 /auth.go
parent: caf5bb2ee84079365996a622ab8fc5ed510ef9a7 (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/auth.go b/auth.go
index ac1fc57..7e5de19 100644
--- a/auth.go
+++ b/auth.go
@@ -42,6 +42,13 @@ type AuthConfig[T any] struct {
 	MaxAge time.Duration
 }
 
+func (ac AuthConfig[T]) urlPath() string {
+	if ac.URLPath == "" {
+		return "/"
+	}
+	return ac.URLPath
+}
+
 // SerDes defines the interface for serializing and deserializing authentication data.
 //
 // Implementations must handle conversion between type T and byte streams.
@@ -139,7 +146,7 @@ func (a Auth[T]) Set(w http.ResponseWriter, data T) error {
 	cookie := &http.Cookie{
 		Name:     a.config.CookieName,
 		Value:    a.enc.Encrypt(buf.Bytes()),
-		Path:     a.config.URLPath,
+		Path:     a.config.urlPath(),
 		Domain:   a.config.URLDomain,
 		MaxAge:   int(a.config.MaxAge / time.Second),
 		Secure:   a.config.HTTPSOnly,
@@ -197,7 +204,7 @@ func (a Auth[T]) Clear(w http.ResponseWriter) {
 	cookie := &http.Cookie{
 		Name:     a.config.CookieName,
 		Value:    "",
-		Path:     a.config.URLPath,
+		Path:     a.config.urlPath(),
 		Domain:   a.config.URLDomain,
 		MaxAge:   -1,
 		Secure:   a.config.HTTPSOnly,
author	T <t@tjp.lol>	2025-07-12 15:23:48 -0600
committer	T <t@tjp.lol>	2025-07-12 15:37:10 -0600
commit	9f62e09c88c1ef8b237ab5d7e4d8791fcf4fae8f (patch)
tree	b53a5b7a29882ddb0d6417f074c474b577ed8931 /auth.go
parent	caf5bb2ee84079365996a622ab8fc5ed510ef9a7 (diff)