GuidesForumGitHub
HomeGuides
GuidesForumGitHubLog In
Guides
These docs are for v2.0. Click to read the latest docs for v7.0.

OAuth1 token secret

Suggest Edits

CookieSecret

To configure the CookieSecret provider you must use the CookieSecretSettings class. This class has the following form:

case class CookieSecretSettings(
  cookieName: String = "OAuth1TokenSecret",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = Play.isProd,
  httpOnlyCookie: Boolean = true,
  expirationTime: Int = 5 * 60)
PropertyDescription
`cookieNameThe cookie name
cookiePathThe cookie path
cookieDomainThe cookie domain
secureCookieWhether this cookie is secured, sent only for HTTPS requests. Default to sending only for HTTPS in production, but not for development and test
httpOnlyCookieWhether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code
expirationTimeSecret expiration. Defaults to 5 minutes which provides sufficient time to log in, but not too much. This is a balance between convenience and security

Updated less than a minute ago