From c4408d6e47f7be8957ae8c97ce7e3e94c9d41439 Mon Sep 17 00:00:00 2001
From: mrcfps
Date: Fri, 17 Jan 2025 20:22:48 +0800
Subject: [PATCH] feat(api): make cookie options configurable to facilitate staging debugging

---
 apps/api/src/auth/auth.service.ts | 8 ++++----
 apps/api/src/config/app.config.ts | 6 +++++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/apps/api/src/auth/auth.service.ts b/apps/api/src/auth/auth.service.ts
index 1ecf78bb2..471075087 100644
--- a/apps/api/src/auth/auth.service.ts
+++ b/apps/api/src/auth/auth.service.ts
@@ -166,7 +166,7 @@ export class AuthService {
 const tokens = await this.login(payload);
 this.setAuthCookie(res, tokens);
 res.clearCookie(LEGACY_TOKEN_COOKIE, {
- domain: this.configService.get('auth.cookieDomain'),
+ domain: this.configService.get('auth.cookie.domain'),
 secure: true,
 sameSite: 'strict',
 });
@@ -174,9 +174,9 @@ export class AuthService {
 cookieOptions(key: string): CookieOptions {
 const baseOptions: CookieOptions = {
- domain: this.configService.get('auth.cookieDomain') ?? '',
- secure: true,
- sameSite: 'strict',
+ domain: this.configService.get('auth.cookie.domain'),
+ secure: this.configService.get('auth.cookie.secure'),
+ sameSite: this.configService.get('auth.cookie.sameSite'),
 path: '/',
 };
diff --git a/apps/api/src/config/app.config.ts b/apps/api/src/config/app.config.ts
index 8f7885baa..406643594 100644
--- a/apps/api/src/config/app.config.ts
+++ b/apps/api/src/config/app.config.ts
@@ -47,8 +47,12 @@ export default () => ({
 password: process.env.ELASTICSEARCH_PASSWORD,
 },
 auth: {
- cookieDomain: process.env.REFLY_COOKIE_DOMAIN || '.refly.ai',
 redirectUrl: process.env.LOGIN_REDIRECT_URL,
+ cookie: {
+ domain: process.env.REFLY_COOKIE_DOMAIN || '.refly.ai',
+ secure: process.env.REFLY_COOKIE_SECURE === 'true' || false,
+ sameSite: process.env.REFLY_COOKIE_SAME_SITE || 'strict',
+ },
 jwt: {
 secret: process.env.JWT_SECRET || 'test',
 expiresIn: process.env.JWT_EXPIRATION_TIME || '15m',
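Review bot: The `res.clearCookie(LEGACY_TOKEN_COOKIE, …)` call in the first auth.service.ts hunk keeps `secure: true` and `sameSite: 'strict'` hard-coded, while `cookieOptions()` in the next hunk now reads both from config, so the clear and set paths can disagree. On a staging host served over plain HTTP, a clear that carries `Secure` is likely to be ignored by the browser, leaving the legacy token cookie in place. Reading the same settings here keeps the two aligned: `secure: this.configService.get('auth.cookie.secure'),` and `sameSite: this.configService.get('auth.cookie.sameSite'),`. The enclosing method starts outside the hunk.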
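Review bot: In `cookieOptions()`, `sameSite` now flows from `REFLY_COOKIE_SAME_SITE` into `CookieOptions` with no validation, and the untyped `configService.get(...)` calls hide that it is an arbitrary string. A typo is not caught until a cookie is actually set, and `none` combined with `secure: false` produces a cookie that current browsers reject. If this is Nest's `ConfigService`, typing the read makes the contract visible, e.g. `sameSite: this.configService.get<'strict' | 'lax' | 'none'>('auth.cookie.sameSite'),`. A startup check that the value is one of those three, and that `none` implies `secure`, would catch bad settings before any cookie is issued. `cookieOptions` continues past the end of the hunk.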
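Review bot: The new `secure` default in app.config.ts is fail-open: `process.env.REFLY_COOKIE_SECURE === 'true' || false` yields `false` whenever the variable is unset, whereas `cookieOptions()` previously hard-coded `secure: true`. Any deployment that does not add the new variable will start issuing auth cookies without the `Secure` attribute, so they can travel over plain HTTP. Defaulting to secure and letting staging opt out avoids that: `secure: process.env.REFLY_COOKIE_SECURE !== 'false',` (the trailing `|| false` is redundant either way). A one-line comment above the `cookie` block, such as `// Overrides are for non-production debugging; production must keep secure=true and sameSite=strict`, would make the intent explicit.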