mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 09:00:10 +00:00
auth: add note for self about secure cookies
This commit is contained in:
parent
fcdd4e4518
commit
711b817cff
1
auth.go
1
auth.go
@ -251,6 +251,7 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
|
||||
// host := gc.Request.URL.Hostname()
|
||||
host := app.ExternalDomain
|
||||
|
||||
// Before you think this is broken: the first "true" arg is for "secure", i.e. only HTTPS!
|
||||
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", host, true, true)
|
||||
gc.JSON(200, getTokenDTO{token})
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user