From f1db949abc6fb0071d95b42997a0cdcd8aa615a8 Mon Sep 17 00:00:00 2001
From: Lenin Alevski <alevsk.8772@gmail.com>
Date: Wed, 18 Nov 2020 14:42:02 -0800
Subject: [PATCH] Fixes Console issue #400 (#401)

Previously cookie path was set to Path="/api", this was a performance
improvement to tell the browser to send the cookie only to request with
that prefix, however also consume endpoints on Path="/ws", since rfc6265
doesnt support multiple paths or regular expressions in the path field
of a cookie we are back to use Path="/" which means send the cookie to
all request under the current domain.

Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>
---
 restapi/utils.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/restapi/utils.go b/restapi/utils.go
index e52ba21a3..67e6d1a13 100644
--- a/restapi/utils.go
+++ b/restapi/utils.go
@@ -109,7 +109,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
 	expiration := time.Now().Add(SessionDuration)
 
 	return http.Cookie{
-		Path:     "/api", // browser will send cookie only for HTTP request under api path
+		Path:     "/",
 		Name:     "token",
 		Value:    token,
 		MaxAge:   int(SessionDuration.Seconds()), // 45 minutes
@@ -125,7 +125,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
 
 func ExpireSessionCookie() http.Cookie {
 	return http.Cookie{
-		Path:     "/api", // browser will send cookie only for HTTP request under api path
+		Path:     "/",
 		Name:     "token",
 		Value:    "",
 		MaxAge:   -1,