mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 17:10:10 +00:00
auth: add note for self about secure cookies
This commit is contained in:
parent
fcdd4e4518
commit
711b817cff
1
auth.go
1
auth.go
@ -251,6 +251,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
|
|||||||
// host := gc.Request.URL.Hostname()
|
// host := gc.Request.URL.Hostname()
|
||||||
host := app.ExternalDomain
|
host := app.ExternalDomain
|
||||||
|
|
||||||
|
// Before you think this is broken: the first "true" arg is for "secure", i.e. only HTTPS!
|
||||||
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
|
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
|
||||||
gc.JSON(200, getTokenDTO{token})
|
gc.JSON(200, getTokenDTO{token})
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user