
modo/cookie/
config.rs

1use serde::Deserialize;
2
/// Serde default provider for the boolean cookie attributes.
///
/// Referenced by name from `#[serde(default = "default_true")]` on
/// `CookieConfig::secure` and `CookieConfig::http_only`, so a config file that
/// omits either key gets the attribute switched on.
fn default_true() -> bool {
    // Both attributes are opt-out: leaving a key out of the config must not
    // silently weaken the cookie.
    true
}
6
/// Serde default provider for `CookieConfig::same_site`.
///
/// Referenced by name from `#[serde(default = "default_lax")]`; returns the
/// owned string `"lax"` used when the config omits the `same_site` key.
fn default_lax() -> String {
    String::from("lax")
}
10
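/// Cookie security attributes used by the session and flash middleware.
///
/// Deserializes from the `cookie` section of the application YAML config.
/// All fields except `secret` have defaults, so a minimal config only needs
/// to provide `secret`.
///
/// `Debug` is implemented by hand rather than derived so that the signing
/// secret is never written out by `{:?}` formatting (log lines, panic
/// messages, config dumps). The remaining fields are printed as usual.
#[non_exhaustive]
#[derive(Clone, Deserialize)]
pub struct CookieConfig {
    /// HMAC signing secret. Must be at least 64 characters long.
    ///
    /// NOTE(review): nothing in this type enforces the length; the check is
    /// presumably done where the config is consumed — confirm that a short
    /// or empty secret is rejected before any cookie is signed.
    pub secret: String,
    /// Set the `Secure` cookie attribute. Defaults to `true`.
    ///
    /// Set to `false` during local HTTP development.
    #[serde(default = "default_true")]
    pub secure: bool,
    /// Set the `HttpOnly` cookie attribute. Defaults to `true`.
    #[serde(default = "default_true")]
    pub http_only: bool,
    /// `SameSite` cookie attribute value: `"lax"`, `"strict"`, or `"none"`.
    /// Defaults to `"lax"`.
    ///
    /// Stored as a free-form string, so deserialization accepts any value;
    /// NOTE(review): confirm the consumer rejects unknown values instead of
    /// falling back silently. Browsers that follow the current `SameSite`
    /// rules reject `SameSite=None` cookies that are not also `Secure`, so
    /// `"none"` is only meaningful together with `secure = true`.
    #[serde(default = "default_lax")]
    pub same_site: String,
}

impl std::fmt::Debug for CookieConfig {
    /// Formats the configuration with `secret` replaced by a fixed marker.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("CookieConfig")
            // Never print the HMAC key: anyone who can read it can forge
            // signed cookies.
            .field("secret", &"[REDACTED]")
            .field("secure", &self.secure)
            .field("http_only", &self.http_only)
            .field("same_site", &self.same_site)
            .finish()
    }
}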
34
impl Default for CookieConfig {
    /// Builds a configuration with the hardened attribute defaults
    /// (`secure = true`, `http_only = true`, `same_site = "lax"`) and an
    /// **empty** signing secret.
    ///
    /// The empty secret does not meet the 64-character minimum documented on
    /// `secret`; callers are expected to overwrite it before the value is
    /// used for signing. NOTE(review): confirm the consumer refuses to start
    /// with an empty secret.
    fn default() -> Self {
        // Delegating keeps the attribute defaults defined in one place.
        Self::new(String::new())
    }
}
45
impl CookieConfig {
    /// Create a new cookie configuration with the given signing secret.
    ///
    /// Defaults: `secure = true`, `http_only = true`, `same_site = "lax"`.
    ///
    /// The secret is stored as given; no length check is performed here.
    pub fn new(secret: impl Into<String>) -> Self {
        let secret = secret.into();
        // Reuse the serde default providers so a programmatically built
        // config and a deserialized one start from the same attribute values.
        Self {
            secret,
            secure: default_true(),
            http_only: default_true(),
            same_site: default_lax(),
        }
    }
}