modo/cookie/config.rs
1use serde::Deserialize;
2
3fn default_true() -> bool {
4 true
5}
6
7fn default_lax() -> String {
8 "lax".to_string()
9}
10
11/// Cookie security attributes used by the session and flash middleware.
12///
13/// Deserializes from the `cookie` section of the application YAML config.
14/// All fields except `secret` have defaults, so a minimal config only needs
15/// to provide `secret`.
16#[non_exhaustive]
17#[derive(Debug, Clone, Deserialize)]
18pub struct CookieConfig {
19 /// HMAC signing secret. Must be at least 64 characters long.
20 pub secret: String,
21 /// Set the `Secure` cookie attribute. Defaults to `true`.
22 ///
23 /// Set to `false` during local HTTP development.
24 #[serde(default = "default_true")]
25 pub secure: bool,
26 /// Set the `HttpOnly` cookie attribute. Defaults to `true`.
27 #[serde(default = "default_true")]
28 pub http_only: bool,
29 /// `SameSite` cookie attribute value: `"lax"`, `"strict"`, or `"none"`.
30 /// Defaults to `"lax"`.
31 #[serde(default = "default_lax")]
32 pub same_site: String,
33}
34
35impl CookieConfig {
36 /// Create a new cookie configuration with the given signing secret.
37 ///
38 /// Defaults: `secure = true`, `http_only = true`, `same_site = "lax"`.
39 pub fn new(secret: impl Into<String>) -> Self {
40 Self {
41 secret: secret.into(),
42 secure: true,
43 http_only: true,
44 same_site: "lax".to_string(),
45 }
46 }
47}