Blame - include/cookies.hpp - openbmc/bmcweb

blob: 62fd3c7e8126c8d16808b2eb31bd4a9618d42e95 [file] [log] [blame]

Ed Tanous	40e9b92	2024-09-10 13:50:16 -0700	[diff] [blame]	1	// SPDX-License-Identifier: Apache-2.0
				2	// SPDX-FileCopyrightText: Copyright OpenBMC Authors
Paul Fertser	29aab24	2024-06-12 19:28:47 +0000	[diff] [blame]	3	#pragma once
				4
				5	#include "http_response.hpp"
				6	#include "sessions.hpp"
				7
Ed Tanous	d785720	2025-01-28 15:32:26 -0800	[diff] [blame]	8	#include <boost/beast/http/field.hpp>
				9
Paul Fertser	29aab24	2024-06-12 19:28:47 +0000	[diff] [blame]	10	namespace bmcweb
				11	{
				12
				13	inline void setSessionCookies(crow::Response& res,
				14	const persistent_data::UserSession& session)
				15	{
				16	res.addHeader(boost::beast::http::field::set_cookie,
				17	"XSRF-TOKEN=" + session.csrfToken +
				18	"; Path=/; SameSite=Strict; Secure");
				19	res.addHeader(boost::beast::http::field::set_cookie,
Gunnar Mills	c76f964	2025-01-26 21:37:59 -0600	[diff] [blame]	20	"BMCWEB-SESSION=" + session.sessionToken +
Paul Fertser	29aab24	2024-06-12 19:28:47 +0000	[diff] [blame]	21	"; Path=/; SameSite=Strict; Secure; HttpOnly");
				22	}
				23
				24	inline void clearSessionCookies(crow::Response& res)
				25	{
				26	res.addHeader(boost::beast::http::field::set_cookie,
Gunnar Mills	c76f964	2025-01-26 21:37:59 -0600	[diff] [blame]	27	"BMCWEB-SESSION="
Paul Fertser	29aab24	2024-06-12 19:28:47 +0000	[diff] [blame]	28	"; Path=/; SameSite=Strict; Secure; HttpOnly; "
				29	"expires=Thu, 01 Jan 1970 00:00:00 GMT");
Paul Fertser	29aab24	2024-06-12 19:28:47 +0000	[diff] [blame]	30	}
				31
				32	} // namespace bmcweb