clearDeviceTrustCookie expires the trust cookie on the client. Called only on explicit revocation paths, never on ordinary logout.
(w http.ResponseWriter, r *http.Request)
| 106 | // clearDeviceTrustCookie expires the trust cookie on the client. Called only |
| 107 | // on explicit revocation paths, never on ordinary logout. |
| 108 | func clearDeviceTrustCookie(w http.ResponseWriter, r *http.Request) { |
| 109 | http.SetCookie(w, &http.Cookie{ |
| 110 | Name: DeviceTrustCookieName, |
| 111 | Value: "", |
| 112 | Path: "/", |
| 113 | MaxAge: -1, |
| 114 | HttpOnly: true, |
| 115 | Secure: isSecureRequest(r), |
| 116 | SameSite: http.SameSiteLaxMode, |
| 117 | }) |
| 118 | } |
| 119 | |
| 120 | // LoginRequest is the request body for login. |
| 121 | type LoginRequest struct { |
no test coverage detected