From efb2823391e000aa8c558657bb88a6b9f741c2fd Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Thu, 28 Sep 2023 21:06:27 +0200
Subject: [PATCH] internal: fix redis session store (#7011)

---
 internal/outpost/proxyv2/application/session.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/internal/outpost/proxyv2/application/session.go b/internal/outpost/proxyv2/application/session.go
index 65fb7fed1..739b23e84 100644
--- a/internal/outpost/proxyv2/application/session.go
+++ b/internal/outpost/proxyv2/application/session.go
@@ -45,9 +45,11 @@ func (a *Application) getStore(p api.ProxyOutpostConfig, externalHost *url.URL)
 
 		rs.KeyPrefix(RedisKeyPrefix)
 		rs.Options(sessions.Options{
-			HttpOnly: strings.ToLower(externalHost.Scheme) == "https",
+			HttpOnly: true,
+			Secure:   strings.ToLower(externalHost.Scheme) == "https",
 			Domain:   *p.CookieDomain,
 			SameSite: http.SameSiteLaxMode,
+			MaxAge:   maxAge,
 		})
 
 		a.log.Trace("using redis session backend")