swissmakers_gmbh/swiss-datashare
12
0
Fork 0
mirror of https://github.com/swissmakers/swiss-datashare.git synced 2026-04-09 09:37:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add 'secureCookies' configuration variable to explicitly set the secure flag and prevent confusion

Browse Source
This commit is contained in:
Elias Schneider
2024-11-14 17:31:17 +01:00
parent 77eef187b7
commit 4ce64206be
5 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/prisma/seed/config.seed.ts
View File

@@ -20,6 +20,10 @@ const configVariables: ConfigVariables = {
defaultValue: "http://localhost:3000",
secret: false,
},
secureCookies: {
type: "boolean",
defaultValue: "false",
},
showHomePage: {
type: "boolean",
defaultValue: "true",

2
backend/src/auth/auth.controller.ts
View File

@@ -176,7 +176,7 @@ export class AuthController {
request.cookies.access_token,
);
const isSecure = this.config.get("general.appUrl").startsWith("https");
const isSecure = this.config.get("general.secureCookies");
response.cookie("access_token", "", {
maxAge: -1,
secure: isSecure,

2
backend/src/auth/auth.service.ts
View File

@@ -334,7 +334,7 @@ export class AuthService {
refreshToken?: string,
accessToken?: string,
) {
const isSecure = this.config.get("general.appUrl").startsWith("https");
const isSecure = this.config.get("general.secureCookies");
if (accessToken)
response.cookie("access_token", accessToken, {
sameSite: "lax",

2
backend/src/user/user.controller.ts
View File

@@ -53,7 +53,7 @@ export class UserController {
@GetUser() user: User,
@Res({ passthrough: true }) response: Response,
) {
const isSecure = this.config.get("general.appUrl").startsWith("https");
const isSecure = this.config.get("general.secureCookies");
response.cookie("access_token", "accessToken", {
maxAge: -1,