nikdoof/pocket-id
1
0
Fork 0
mirror of https://github.com/nikdoof/pocket-id.git synced 2025-12-14 07:12:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: always set secure on cookie (#130)

Browse Source
This commit is contained in:
Chris Danis
2025-01-18 16:33:41 -05:00
committed by GitHub
parent 05a98ebe87
commit fda08ac1cd
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/internal/controller/user_controller.go
View File

@@ -166,7 +166,7 @@ func (uc *UserController) exchangeOneTimeAccessTokenHandler(c *gin.Context) {
return
}
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", false, true)
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", true, true)
c.JSON(http.StatusOK, userDto)
}
@@ -183,7 +183,7 @@ func (uc *UserController) getSetupAccessTokenHandler(c *gin.Context) {
return
}
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", false, true)
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", true, true)
c.JSON(http.StatusOK, userDto)
}

8
backend/internal/controller/webauthn_controller.go
View File

@@ -40,7 +40,7 @@ func (wc *WebauthnController) beginRegistrationHandler(c *gin.Context) {
return
}
c.SetCookie("session_id", options.SessionID, int(options.Timeout.Seconds()), "/", "", false, true)
c.SetCookie("session_id", options.SessionID, int(options.Timeout.Seconds()), "/", "", true, true)
c.JSON(http.StatusOK, options.Response)
}
@@ -74,7 +74,7 @@ func (wc *WebauthnController) beginLoginHandler(c *gin.Context) {
return
}
c.SetCookie("session_id", options.SessionID, int(options.Timeout.Seconds()), "/", "", false, true)
c.SetCookie("session_id", options.SessionID, int(options.Timeout.Seconds()), "/", "", true, true)
c.JSON(http.StatusOK, options.Response)
}
@@ -103,7 +103,7 @@ func (wc *WebauthnController) verifyLoginHandler(c *gin.Context) {
return
}
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", false, true)
c.SetCookie("access_token", token, int(time.Hour.Seconds()), "/", "", true, true)
c.JSON(http.StatusOK, userDto)
}
@@ -163,6 +163,6 @@ func (wc *WebauthnController) updateCredentialHandler(c *gin.Context) {
}
func (wc *WebauthnController) logoutHandler(c *gin.Context) {
c.SetCookie("access_token", "", 0, "/", "", false, true)
c.SetCookie("access_token", "", 0, "/", "", true, true)
c.Status(http.StatusNoContent)
}