Well rounded article. The securecookie from Gorilla works quite nicely. A good feature is that you can have key-rotation in the server-side signature function and can gradually introduce new keys to sign your cookies