From f5332969f3cc5cef9c71638a345170eaa1fae7df Mon Sep 17 00:00:00 2001
From: Aaron D Borden <adborden@a14n.net>
Date: Fri, 13 Jan 2017 15:22:54 -0800
Subject: [PATCH] Work-around Session Filestore fallback bug

gorilla Session creation isn't handled correctly when MaxAge is unset. Work
around upstream bug[1] by explicitly setting MaxAge.

[1] https://github.com/gorilla/sessions/issues/96
---
 helpers/settings.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/helpers/settings.go b/helpers/settings.go
index 47fe3853..3730d875 100644
--- a/helpers/settings.go
+++ b/helpers/settings.go
@@ -120,6 +120,9 @@ func (s *Settings) InitSettings(envVars EnvVars, env *cfenv.App) error {
 		store.MaxLength(4096 * 4)
 		store.Options = &sessions.Options{
 			HttpOnly: true,
+			// TODO remove this; work-around for
+			// https://github.com/gorilla/sessions/issues/96
+			MaxAge: 60 * 60 * 24 * 7,
 			Secure:   s.SecureCookies,
 		}
 		s.Sessions = store