Merge pull request #463 from zitadel/qa

fix: enforce secure cookie for production environments
Max Peintner
2025-05-19 17:05:40 +02:00
committed by GitHub
2 changed files with 4 additions and 2 deletions


@@ -31,7 +31,8 @@ async function setSessionHttpOnlyCookie<T>(
value: JSON.stringify(sessions), value: JSON.stringify(sessions),
httpOnly: true, httpOnly: true,
path: "/", path: "/",
sameSite, sameSite: process.env.NODE_ENV === "production" ? sameSite : "lax",
secure: process.env.NODE_ENV === "production",
}); });
} }
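Review bot: The new `secure` option fails open, because it is set only when `NODE_ENV` is exactly `"production"`; a deployment served over HTTPS with `NODE_ENV` unset or set to another value would issue the session cookie without `Secure`. Consider defaulting to secure and relaxing only for local development, for example `secure: process.env.NODE_ENV !== "development"`, with the `sameSite` fallback keyed on the same condition so the two cannot drift apart; whether test or preview environments run over plain HTTP is not visible here, so this needs confirming. The comparison is also written twice, and a single `const isProduction = process.env.NODE_ENV === "production";` above the call would keep both options in step. A comment such as `// SameSite=None is rejected by browsers without Secure, so fall back to "lax" when the cookie is not Secure` would explain why the caller's `sameSite` is overridden. The body of `setSessionHttpOnlyCookie` starts outside this hunk.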


@@ -12,7 +12,8 @@
"ZITADEL_API_URL", "ZITADEL_API_URL",
"ZITADEL_SERVICE_USER_TOKEN", "ZITADEL_SERVICE_USER_TOKEN",
"NEXT_PUBLIC_BASE_PATH", "NEXT_PUBLIC_BASE_PATH",
"CUSTOM_REQUEST_HEADERS" "CUSTOM_REQUEST_HEADERS",
"NODE_ENV"
], ],
"tasks": { "tasks": {
"generate": { "generate": {