Honour cookie domain when custom sso is enabled

This commit is contained in:
Rory Powell 2021-10-06 16:50:15 +01:00
parent 0489bb5ee0
commit 615d0390d5
2 changed files with 10 additions and 3 deletions

View File

@ -41,13 +41,19 @@ async function authInternal(ctx, user, err = null, info = null) {
return ctx.throw(403, info ? info : "Unauthorized")
}
// just store the user ID
ctx.cookies.set(Cookies.Auth, user.token, {
const config = {
expires,
path: "/",
httpOnly: false,
overwrite: true,
})
}
if (env.COOKIE_DOMAIN) {
config.domain = env.COOKIE_DOMAIN
}
// just store the user ID
ctx.cookies.set(Cookies.Auth, user.token, config)
}
exports.authenticate = async (ctx, next) => {

View File

@ -41,6 +41,7 @@ module.exports = {
SMTP_PORT: process.env.SMTP_PORT,
SMTP_FROM_ADDRESS: process.env.SMTP_FROM_ADDRESS,
PLATFORM_URL: process.env.PLATFORM_URL,
COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
_set(key, value) {
process.env[key] = value
module.exports[key] = value