Merge pull request #4027 from Budibase/fix/samesite
sameSite and secure cookie settings
This commit is contained in:
commit
31d4c46938
|
@ -6,6 +6,13 @@ function isTest() {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function isDev() {
|
||||||
|
return (
|
||||||
|
process.env.NODE_ENV !== "production" &&
|
||||||
|
process.env.BUDIBASE_ENVIRONMENT !== "production"
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
JWT_SECRET: process.env.JWT_SECRET,
|
JWT_SECRET: process.env.JWT_SECRET,
|
||||||
COUCH_DB_URL: process.env.COUCH_DB_URL,
|
COUCH_DB_URL: process.env.COUCH_DB_URL,
|
||||||
|
@ -27,6 +34,7 @@ module.exports = {
|
||||||
COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
|
COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
|
||||||
PLATFORM_URL: process.env.PLATFORM_URL,
|
PLATFORM_URL: process.env.PLATFORM_URL,
|
||||||
isTest,
|
isTest,
|
||||||
|
isDev,
|
||||||
_set(key, value) {
|
_set(key, value) {
|
||||||
process.env[key] = value
|
process.env[key] = value
|
||||||
module.exports[key] = value
|
module.exports[key] = value
|
||||||
|
|
|
@ -23,6 +23,7 @@ const { getUserSessions, invalidateSessions } = require("./security/sessions")
|
||||||
const { migrateIfRequired } = require("./migrations")
|
const { migrateIfRequired } = require("./migrations")
|
||||||
const { USER_EMAIL_VIEW_CASING } = require("./migrations").MIGRATIONS
|
const { USER_EMAIL_VIEW_CASING } = require("./migrations").MIGRATIONS
|
||||||
const { GLOBAL_DB } = require("./migrations").MIGRATION_DBS
|
const { GLOBAL_DB } = require("./migrations").MIGRATION_DBS
|
||||||
|
const { isDev, isTest } = require("./environment")
|
||||||
|
|
||||||
const APP_PREFIX = DocumentTypes.APP + SEPARATOR
|
const APP_PREFIX = DocumentTypes.APP + SEPARATOR
|
||||||
|
|
||||||
|
@ -108,6 +109,11 @@ exports.setCookie = (ctx, value, name = "builder", opts = { sign: true }) => {
|
||||||
overwrite: true,
|
overwrite: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!isDev() && !isTest()) {
|
||||||
|
config.sameSite = "none"
|
||||||
|
config.secure = true
|
||||||
|
}
|
||||||
|
|
||||||
if (environment.COOKIE_DOMAIN) {
|
if (environment.COOKIE_DOMAIN) {
|
||||||
config.domain = environment.COOKIE_DOMAIN
|
config.domain = environment.COOKIE_DOMAIN
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue