feat(api): make cookie options configurable to facilitate staging deb…

…ugging
refly-ai · Jan 17, 2025 · c4408d6 · c4408d6
1 parent 4b91f51
commit c4408d6
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/apps/api/src/auth/auth.service.ts b/apps/api/src/auth/auth.service.ts
@@ -166,17 +166,17 @@ export class AuthService {
     const tokens = await this.login(payload);
     this.setAuthCookie(res, tokens);
     res.clearCookie(LEGACY_TOKEN_COOKIE, {
-      domain: this.configService.get('auth.cookieDomain'),
+      domain: this.configService.get('auth.cookie.domain'),
       secure: true,
       sameSite: 'strict',
     });
   }
 
   cookieOptions(key: string): CookieOptions {
     const baseOptions: CookieOptions = {
-      domain: this.configService.get('auth.cookieDomain') ?? '',
-      secure: true,
-      sameSite: 'strict',
+      domain: this.configService.get('auth.cookie.domain'),
+      secure: this.configService.get('auth.cookie.secure'),
+      sameSite: this.configService.get('auth.cookie.sameSite'),
       path: '/',
     };
 

diff --git a/apps/api/src/config/app.config.ts b/apps/api/src/config/app.config.ts
@@ -47,8 +47,12 @@ export default () => ({
     password: process.env.ELASTICSEARCH_PASSWORD,
   },
   auth: {
-    cookieDomain: process.env.REFLY_COOKIE_DOMAIN || '.refly.ai',
     redirectUrl: process.env.LOGIN_REDIRECT_URL,
+    cookie: {
+      domain: process.env.REFLY_COOKIE_DOMAIN || '.refly.ai',
+      secure: process.env.REFLY_COOKIE_SECURE === 'true' || false,
+      sameSite: process.env.REFLY_COOKIE_SAME_SITE || 'strict',
+    },
     jwt: {
       secret: process.env.JWT_SECRET || 'test',
       expiresIn: process.env.JWT_EXPIRATION_TIME || '15m',