Unify CookieOptions config for AuthUtils

Common/Utils/AuthUtils.cs

@@ -15,28 +15,26 @@ public static class AuthUtils
         "Device-Token"
     ];
 
-    public static void SetSessionKeyCookie(this HttpContext context, string sessionKey, string domain)
+    private static CookieOptions GetCookieOptions(string domain, TimeSpan lifetime)
     {
-        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, sessionKey, new CookieOptions
+        return new CookieOptions
         {
-            Expires = new DateTimeOffset(DateTime.UtcNow.Add(Duration.LoginSessionLifetime)),
+            Expires = new DateTimeOffset(DateTime.UtcNow.Add(lifetime)),
             Secure = true,
             HttpOnly = true,
             SameSite = SameSiteMode.Strict,
             Domain = domain
-        });
+        };
+    }
+
+    public static void SetSessionKeyCookie(this HttpContext context, string sessionKey, string domain)
+    {
+        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, sessionKey, GetCookieOptions(domain, Duration.LoginSessionLifetime));
     }
 
     public static void RemoveSessionKeyCookie(this HttpContext context, string domain)
     {
-        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, string.Empty, new CookieOptions
-        {
-            Expires = DateTime.Now.AddDays(-1),
-            Secure = true,
-            HttpOnly = true,
-            SameSite = SameSiteMode.Strict,
-            Domain = domain
-        });
+        context.Response.Cookies.Append(AuthConstants.UserSessionCookieName, string.Empty, GetCookieOptions(domain, TimeSpan.FromDays(-1)));
     }
 
     public static bool TryGetUserSession(this HttpContext context, [NotNullWhen(true)] out string? sessionToken)