hrfee/jfa-go
1
0
Fork 0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-12-22 09:00:10 +00:00
Code Issues Projects Releases Wiki Activity

auth: add note for self about secure cookies

Browse Source
This commit is contained in:
Harvey Tindall 2024-08-24 15:25:08 +01:00
parent fcdd4e4518
commit 711b817cff
Signed by: hrfee
GPG Key ID: BBC65952848FB1A2
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
auth.go
View File

@ -251,6 +251,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
// host := gc.Request.URL.Hostname() // host := gc.Request.URL.Hostname()
host := app.ExternalDomain host := app.ExternalDomain
// Before you think this is broken: the first "true" arg is for "secure", i.e. only HTTPS!
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true) gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
gc.JSON(200, getTokenDTO{token}) gc.JSON(200, getTokenDTO{token})
} }