mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-07-02 18:14:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

remove secure_cookies option from config

Browse source
This commit is contained in:
Milo Schwartz 2025-01-30 21:53:42 -05:00
parent f5e894e06a
commit f40d91ff9e
No known key found for this signature in database
8 changed files with 12 additions and 141 deletions
Download patch file Download diff file Expand all files Collapse all files

8
server/auth/sessions/resource.ts
View file

@ -9,7 +9,6 @@ export const SESSION_COOKIE_NAME =
config.getRawConfig().server.session_cookie_name;
export const SESSION_COOKIE_EXPIRES =
1000 * 60 * 60 * config.getRawConfig().server.resource_session_length_hours;
export const SECURE_COOKIES = config.getRawConfig().server.secure_cookies;
export async function createResourceSession(opts: {
token: string;
@ -170,7 +169,7 @@ export function serializeResourceSessionCookie(
token: string,
isHttp: boolean = false
): string {
if (SECURE_COOKIES && !isHttp) {
if (!isHttp) {
return `${cookieName}_s=${token}; HttpOnly; SameSite=Strict; Max-Age=${SESSION_COOKIE_EXPIRES / 1000}; Path=/; Secure; Domain=${"." + domain}`;
} else {
return `${cookieName}=${token}; HttpOnly; SameSite=Strict; Max-Age=${SESSION_COOKIE_EXPIRES / 1000}; Path=/; Domain=${"." + domain}`;
@ -179,9 +178,10 @@ export function serializeResourceSessionCookie(
export function createBlankResourceSessionTokenCookie(
cookieName: string,
domain: string
domain: string,
isHttp: boolean = false
): string {
if (SECURE_COOKIES) {
if (!isHttp) {
return `${cookieName}_s=; HttpOnly; SameSite=Strict; Max-Age=0; Path=/; Secure; Domain=${"." + domain}`;
} else {
return `${cookieName}=; HttpOnly; SameSite=Strict; Max-Age=0; Path=/; Domain=${"." + domain}`;