43 lines
1.1 KiB
Go
43 lines
1.1 KiB
Go
package serve
|
|
|
|
import (
|
|
"net/http"
|
|
"time"
|
|
)
|
|
|
|
const cookieName = "__Host-consent-v1"
|
|
|
|
// SetConsent registers a consent cookie on the response.
|
|
func SetConsent(w http.ResponseWriter) {
|
|
http.SetCookie(w, &http.Cookie{
|
|
Name: cookieName,
|
|
Value: "given",
|
|
Expires: time.Now().Add(20 * 365 * 24 * time.Hour),
|
|
Path: "/",
|
|
Secure: true,
|
|
HttpOnly: true,
|
|
SameSite: http.SameSiteLaxMode,
|
|
})
|
|
}
|
|
|
|
// NeedsConsent is a middleware that immediately responds with a 403 if the
|
|
// request does not bear a consent cookie.
|
|
func NeedsConsent(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if _, err := r.Cookie(cookieName); err != nil {
|
|
http.Error(w, cookieFailed, http.StatusForbidden)
|
|
return
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
|
|
const cookieFailed = `<!DOCTYPE html>
|
|
<html>
|
|
<body>
|
|
<h1>Consent required</h1>
|
|
<p>The requested resource requires consent to processing identifying information and storying necessary cookies.</p>
|
|
<p>I'm just a lil guy. The information is used solely for providing the service's functionality.</p>
|
|
</body>
|
|
</html>`
|