michaelvanstraten · ovalek · Jun 17, 2024 · Jun 28, 2024
diff --git a/src/token_signer.rs b/src/token_signer.rs
@@ -5,6 +5,7 @@ use std::marker::PhantomData;
 use std::time::Duration;
 
 use actix_web::cookie::Cookie;
+use actix_web::cookie::CookieBuilder;
 use actix_web::http::header::HeaderValue;
 use chrono::TimeDelta;
 use derive_builder::Builder;
@@ -77,6 +78,14 @@ where
     */
     #[builder(default = "Duration::from_secs(60)")]
     access_token_lifetime: Duration,
+    /**
+        Specify cookie parameters like Path, HttpOnly or SameSite.
+        Example usage `.cookie_builder(Cookie::build("", "").secure(true).path("/"))`
+
+        Defaults to (`Cookie::build("", "").secure(true)`).
+    */
+    #[builder(default = "Cookie::build(\"\", \"\").secure(true)")]
+    cookie_builder: CookieBuilder<'static>,
     /**
         The name of the future refresh tokens.
 
@@ -248,9 +257,10 @@ where
         token_lifetime: Duration,
     ) -> AuthResult<Cookie<'static>> {
         let token = self.create_signed_token(claims, token_lifetime)?;
-        Ok(Cookie::build(cookie_name.to_string(), token)
-            .secure(true)
-            .finish())
+        let mut cookie = self.cookie_builder.clone().finish();
+        cookie.set_name(cookie_name.to_string());
+        cookie.set_value(token);
+        Ok(cookie)
     }
 
     /**
@@ -290,6 +300,7 @@ where
             access_token_lifetime: Clone::clone(&self.access_token_lifetime),
             refresh_token_name: Clone::clone(&self.refresh_token_name),
             refresh_token_lifetime: Clone::clone(&self.refresh_token_lifetime),
+            cookie_builder: Clone::clone(&self.cookie_builder),
             header: Clone::clone(&self.header),
             algorithm: Clone::clone(&self.algorithm),
             signing_key: Clone::clone(&self.signing_key),