From 05021d6787572bdaf027be1df88c777030b22595 Mon Sep 17 00:00:00 2001 From: Adam Tomat Date: Mon, 16 Aug 2021 12:23:08 +0100 Subject: [PATCH] Allow the SameSite option to be configured for lumberjack_session cookie --- src/Providers/SessionServiceProvider.php | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/src/Providers/SessionServiceProvider.php b/src/Providers/SessionServiceProvider.php index 2fc6d55..c62f3c8 100644 --- a/src/Providers/SessionServiceProvider.php +++ b/src/Providers/SessionServiceProvider.php @@ -33,22 +33,19 @@ public function boot() add_action('send_headers', function () use (&$cookieSet) { if (!$cookieSet) { - $cookieOptions = [ - 'lifetime' => Config::get('session.lifetime', 120), - 'path' => Config::get('session.path', '/'), - 'domain' => Config::get('session.domain', null), - 'secure' => Config::get('session.secure', false), - 'httpOnly' => Config::get('session.http_only', true), - ]; + $lifetime = Config::get('session.lifetime', 120); setcookie( $this->session->getName(), $this->session->getId(), - time() + ($cookieOptions['lifetime'] * 60), - $cookieOptions['path'], - $cookieOptions['domain'], - $cookieOptions['secure'], - $cookieOptions['httpOnly'] + [ + 'expires' => time() + ($lifetime * 60), + 'path' => Config::get('session.path', '/'), + 'domain' => Config::get('session.domain', null), + 'secure' => Config::get('session.secure', false), + 'httponly' => Config::get('session.http_only', true), + 'samesite' => Config::get('session.same_site', 'strict'), + ] ); $cookieSet = true;