AkkomaGang/admin-fe
6
2
Fork 9
Code Issues 5 Pull requests 2 Projects Releases Wiki Activity

Make auth cookies secure and strict

Browse source 
an admin panel should have high auth cookie security.

Signed-off-by: r3g_5z <june@girlboss.ceo>
This commit is contained in:
r3g_5z 2023-01-08 01:30:04 -05:00
parent 56f6210b6a
commit c136a5227f
No known key found for this signature in database
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/utils/auth.js
View file

@ -1,14 +1,14 @@
import Cookies from 'js-cookie'
const TokenKey = 'Admin-Token'
const AuthHostKey = 'Auth-Host'
const TokenKey = process.env.NODE_ENV === 'production' ? '__Host-Admin-Token' : 'Admin-Token'
const AuthHostKey = process.env.NODE_ENV === 'production' ? '__Host-Auth-Host' : 'Auth-Host'
export function getToken() {
return Cookies.get(TokenKey)
}
export function setToken(token) {
return Cookies.set(TokenKey, token)
return process.env.NODE_ENV === 'production' ? Cookies.set(TokenKey, token, { secure: true, sameSite: 'strict' }) : Cookies.set(TokenKey, token)
}
export function removeToken() {
@ -20,7 +20,7 @@ export function getAuthHost() {
}
export function setAuthHost(token) {
return Cookies.set(AuthHostKey, token)
return process.env.NODE_ENV === 'production' ? Cookies.set(AuthHostKey, token, { secure: true, sameSite: 'strict' }) : Cookies.set(AuthHostKey, token)
}
export function removeAuthHost() {