How to delete cookie

Question

I wrote a web application that set a cookie and delete it. To clarify to scenario what I mean look at the following code snippet.

package main

import (
    "fmt"
    "github.com/gorilla/mux"
    "net/http"
    "time"
)

func rootHandler(rw http.ResponseWriter, r *http.Request) {
    fmt.Fprintf(rw, "Hello Foo")

}

func setCookieHandler(rw http.ResponseWriter, r *http.Request) {
    c := &http.Cookie{
        Name:     "storage",
        Value:    "value",
        Path:     "/",
        MaxAge:   0,
        HttpOnly: true,
    }

    http.SetCookie(rw, c)
}

func deleteCookieHandler(rw http.ResponseWriter, r *http.Request) {

    c, err := r.Cookie("storage")
    if err != nil {
        panic(err.Error())
    }
    c.Name = "Deleted"
    c.Value = "Unuse"
    c.Expires = time.Unix(1414414788, 1414414788000)
}

func readCookieHandler(rw http.ResponseWriter, r *http.Request) {

    c, err := r.Cookie("storage")
    if err != nil {
        panic(err.Error())
    }
    fmt.Println(c.Expires)
}

func evaluateCookieHandler(rw http.ResponseWriter, r *http.Request) {

    c, err := r.Cookie("storage")
    if err != nil {
        panic(err.Error())
    }

    if time.Now().After(c.Expires) {
        fmt.Println("Cookie is expired.")
    }
}

func main() {
    mux := mux.NewRouter()
    mux.HandleFunc("/", rootHandler)
    mux.HandleFunc("/cookie", setCookieHandler)
    mux.HandleFunc("/delete", deleteCookieHandler)
    mux.HandleFunc("/read", readCookieHandler)
    mux.HandleFunc("/eval", evaluateCookieHandler)

    http.ListenAndServe(":3000", mux)
}

As you can see, when I visit /cookie location, it will be set a cookie as expected. Then when I call /delete, it should change the name, value and expired time from cookie. The expired time is changed, but name and value not.

What do I want is, to delete the cookie from browser for sign out in a authentication system, when user click sign out button to delete cookie.
I also discover this link and follow the advice, but does not work as expected.

Answer 1

MaxAge=0 means no 'Max-Age' attribute specified.

MaxAge<0 means delete cookie now, equivalently 'Max-Age: 0'

MaxAge>0 means Max-Age attribute present and given in seconds

c := &http.Cookie{
    Name:     "storage",
    Value:    "",
    Path:     "/",
    MaxAge:   -1,
    HttpOnly: true,
}

http.SetCookie(rw, c)

Answer 2

Cookies are keyed by name, so when you "change" the name, you actually "create" a different cookie, already expired.

Keep the name the same and it should work, but don't forget to take some time one day to read about cookies and how they work.

Answer 3

To delete a cookie named "storage", sending set-cookie with the same cookie name.

deleteCookieHandler() should be as follows

c := &http.Cookie{
    Name:     "storage",
    Value:    "",
    Path:     "/",
    Expires: time.Unix(0, 0),

    HttpOnly: true,
}

http.SetCookie(rw, c)