From ea6d8bf6c88de083fbdbe37a25a59e796acfc8a5 Mon Sep 17 00:00:00 2001
From: Wim Brand <wb@voclarion.nl>
Date: Wed, 5 Feb 2020 11:56:08 +0100
Subject: [PATCH] update cookie settings

---
 webcontroller/templates.go      | 7 +++++++
 webcontroller/user_account.go   | 2 ++
 webcontroller/web_controller.go | 1 +
 3 files changed, 10 insertions(+)

diff --git a/webcontroller/templates.go b/webcontroller/templates.go
index f728f24..e5c3c17 100644
--- a/webcontroller/templates.go
+++ b/webcontroller/templates.go
@@ -76,6 +76,13 @@ func (wc *WebController) newTemplateData(w http.ResponseWriter, r *http.Request)
 					Expires: time.Unix(0, 0),
 					Domain:  wc.sessionCookieDomain,
 				})
+				http.SetCookie(w, &http.Cookie{
+					Name:    "pd_auth_key",
+					Value:   "",
+					Path:    "/",
+					Expires: time.Unix(0, 0),
+					Domain:  ".pixeldrain.com",
+				})
 			}
 			return t
 		}
diff --git a/webcontroller/user_account.go b/webcontroller/user_account.go
index 8fac6e1..dc9e6b6 100644
--- a/webcontroller/user_account.go
+++ b/webcontroller/user_account.go
@@ -172,6 +172,8 @@ func (wc *WebController) loginForm(td *TemplateData, r *http.Request) (f Form) {
 			// Request was a success
 			f.SubmitSuccess = true
 			f.SubmitMessages = []template.HTML{"Success!"}
+
+			// Set the autentication cookie
 			f.Extra.SetCookie = &http.Cookie{
 				Name:     "pd_auth_key",
 				Value:    loginResp.APIKey,
diff --git a/webcontroller/web_controller.go b/webcontroller/web_controller.go
index a7dcc72..87711e7 100644
--- a/webcontroller/web_controller.go
+++ b/webcontroller/web_controller.go
@@ -183,6 +183,7 @@ func (wc *WebController) serveForm(
 
 		// Execute the extra actions if any
 		if td.Form.Extra.SetCookie != nil {
+			w.Header().Del("Set-Cookie")
 			http.SetCookie(w, td.Form.Extra.SetCookie)
 		}
 		if td.Form.Extra.RedirectTo != "" {