From 873a4c0c15a8bf24bfe58d5e606fab30dc36e30b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lera=20Elvo=C3=A9?= <yagich@poto.cafe>
Date: Tue, 27 May 2025 18:57:20 +0300
Subject: [PATCH] set session cookie with expiration date and secure flag

---
 app.lua | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app.lua b/app.lua
index 6591a8b..24f48ce 100644
--- a/app.lua
+++ b/app.lua
@@ -1,4 +1,5 @@
 local lapis = require("lapis")
+local date = require("date")
 local app = lapis.Application()
 local constants = require("constants")
 local babycode = require("lib.babycode")
@@ -14,6 +15,13 @@ local util = require("util")
 app:enable("etlua")
 app.layout = require "views.base"
 
+app.cookie_attributes = function (self, name, value)
+  if name == config.session_name then
+    local expires = date(true):adddays(30):fmt("${http}")
+    return "Expires="..expires.."; Path=/; HttpOnly; Secure"
+  end
+end
+
 local function inject_constants(req)
   req.constants = constants
   math.randomseed(os.time())