[PLT-1263] Add a cookie-csrf-per-request-limit attribute

Stratio · Dec 11, 2024 · 9c4de61 · 9c4de61
1 parent 8c54e91
commit 9c4de61
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/pkg/cookies/csrf.go b/pkg/cookies/csrf.go
@@ -48,6 +48,7 @@ type csrf struct {
 
 	cookieOpts *options.Cookie
 	time       clock.Clock
+	creationTime time.Time
 }
 
 // csrtStateTrim will indicate the length of the state trimmed for the name of the csrf cookie
@@ -70,6 +71,7 @@ func NewCSRF(opts *options.Cookie, codeVerifier string) (CSRF, error) {
 		CodeVerifier: codeVerifier,
 
 		cookieOpts: opts,
+		creationTime: time.Now(),
 	}, nil
 }
 
@@ -176,7 +178,7 @@ func ClearExtraCsrfCookies(opts *options.Cookie, rw http.ResponseWriter, req *ht
 	}
 
 	sort.Slice(decodedCookies, func(i, j int) bool {
-		return decodedCookies[i].time.Before(decodedCookies[j].time)
+		return decodedCookies[i].creationTime.Before(decodedCookies[j].creationTime)
 	})
 
 	numberToDelete := len(decodedCookies) - opts.CSRFPerRequestLimit