From 7d3dc20482f85c64db2b75f7aeaedcf8f211d55d Mon Sep 17 00:00:00 2001
From: hokamsingh
Date: Mon, 26 Aug 2024 14:11:06 +0530
Subject: [PATCH] feat: cookie options enabled

---
 internal/core/context/context.go | 33 +++++++++++++++++++++++++-------
 1 file changed, 26 insertions(+), 7 deletions(-)

diff --git a/internal/core/context/context.go b/internal/core/context/context.go
index 825460a..e2a460e 100644
--- a/internal/core/context/context.go
+++ b/internal/core/context/context.go
@@ -161,27 +161,46 @@ func (c *Context) Redirect(status int, url string) {
 http.Redirect(c.Res, c.Req, url, status)
 }
 
+type SameSite int
+
+const (
+ SameSiteDefaultMode SameSite = iota + 1
+ SameSiteLaxMode
+ SameSiteStrictMode
+ SameSiteNoneMode
+)
+
 // SetCookie adds a cookie to the response.
 //
 // This method sets a cookie with the given name, value, and options.
 //
 // Parameters:
 //
-// name (string): The name of the cookie.
-// value (string): The value of the cookie.
-// maxAge (int): The maximum age of the cookie in seconds.
-// path (string): The path for which the cookie is valid.
+// name (string): The name of the cookie.
+// value (string): The value of the cookie.
+// maxAge (int): The maximum age of the cookie in seconds.
+// path (string): The path for which the cookie is valid.
+// httpOnly(bool): make it http only cookie.(can only be sent from http request)
+// secure(bool): ensures that the cookie is only sent over HTTPS connections, providing protection against man-in-the-middle (MITM) attacks
+// sameSite(http.SameSite): Strict(SameSiteStrictMode): Most restrictive, no cross-site requests.
+// Lax(SameSiteLaxMode): Allows cookies to be sent with top-level navigations, but not with other cross-site requests.
+//
+// None(SameSiteNoneMode): No restrictions on sending cookies with cross-site requests, but must be used with Secure.
+//
+// Default(SameSiteDefaultMode): Equivalent to Lax
 //
 // Example usage:
 //
-// ctx.SetCookie("session_id", "123456", 3600, "/")
-func (c *Context) SetCookie(name, value string, maxAge int, path string) {
+// ctx.SetCookie("auth_token", "0xc000013a", 60, "", true, false, http.SameSiteDefaultMode)
+func (c *Context) SetCookie(name, value string, maxAge int, path string, httpOnly bool, secure bool, sameSite http.SameSite) {
 http.SetCookie(c.Res, &http.Cookie{
 Name: name,
 Value: value,
 MaxAge: maxAge,
 Path: path,
- HttpOnly: true,
+ HttpOnly: httpOnly,
+ Secure: secure,
+ SameSite: sameSite,
 })
 }
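Review bot: The new `SetCookie` signature turns `HttpOnly` from always-on into a caller choice and adds `Secure` with no safe default, and the doc example itself sets an `auth_token` cookie with `secure` false, so callers who copy it will send a credential cookie over plain HTTP. Consider changing the example to `ctx.SetCookie("auth_token", "0xc000013a", 60, "/", true, true, http.SameSiteLaxMode)` and, since the comment already says None must be used with Secure, enforcing that in the body with `secure = secure || sameSite == http.SameSiteNoneMode`. The `httpOnly` comment is also inaccurate: the flag hides the cookie from client-side script, it does not restrict which requests carry it. The package-level `SameSite` type and its four constants are not used by `SetCookie`, which takes `http.SameSite`, so a caller passing them would need a conversion; they look like duplicates of the net/http values and could be dropped.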