import session from 'koa-session';

/**
 * Build the koa-session middleware for the given Koa application.
 *
 * @param {object} app - Koa application instance; `app.keys` must be set
 *   because the session cookie is signed.
 * @returns {Function} the configured koa-session middleware.
 */
export default (app) => {
  // Mark the cookie Secure only when running in production with HTTPS
  // explicitly switched on. A production deployment without
  // HTTPS_ENABLE=on therefore still sends the session cookie over plain HTTP.
  // NOTE(review): if TLS is terminated at a reverse proxy, confirm the app
  // trusts the proxy (app.proxy) so the connection is seen as secure.
  const isProduction = process.env.NODE_ENV === 'production';
  const httpsEnabled = process.env.HTTPS_ENABLE === 'on';

  const sessionOptions = {
    // Name of the session cookie.
    key: 'koa:sess',
    // Cookie lifetime in milliseconds (1 day).
    maxAge: 86400000,
    // Keep the cookie out of reach of client-side scripts.
    httpOnly: true,
    // Sign the cookie with app.keys so tampering is detected. Signing gives
    // integrity only, it does NOT encrypt: with the default cookie-based
    // store the session payload stays readable by the client, so no secrets
    // belong in the session.
    signed: true,
    // Do not re-issue the cookie on every response.
    rolling: false,
    // Do not renew the session automatically when it is close to expiring.
    renew: false,
    secure: isProduction && httpsEnabled,
    // CSRF mitigation, see https://scotthelme.co.uk/csrf-is-dead/
    // Lax still attaches the cookie to top-level cross-site GET navigations,
    // so state-changing routes should not be reachable via GET.
    sameSite: 'lax',
  };

  return session(sessionOptions, app);
};