1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-12-22 17:10:10 +00:00

auth: add note for self about secure cookies

This commit is contained in:
Harvey Tindall 2024-08-24 15:25:08 +01:00
parent fcdd4e4518
commit 711b817cff
Signed by: hrfee
GPG Key ID: BBC65952848FB1A2

View File

@ -251,6 +251,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
// host := gc.Request.URL.Hostname() // host := gc.Request.URL.Hostname()
host := app.ExternalDomain host := app.ExternalDomain
// Before you think this is broken: the first "true" arg is for "secure", i.e. only HTTPS!
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true) gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
gc.JSON(200, getTokenDTO{token}) gc.JSON(200, getTokenDTO{token})
} }