iio/pingvin-share
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add 'secureCookies' configuration variable to explicitly set the secure flag and prevent confusion

Browse Source
This commit is contained in:
Elias Schneider
2024-11-14 17:31:17 +01:00
parent 77eef187b7
commit 4ce64206be
5 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/auth/auth.service.ts
View File

@@ -334,7 +334,7 @@ export class AuthService {
refreshToken?: string,
accessToken?: string,
) {
const isSecure = this.config.get("general.appUrl").startsWith("https");
const isSecure = this.config.get("general.secureCookies");
if (accessToken)
response.cookie("access_token", accessToken, {
sameSite: "lax",