From fe68bd45842cb5b2c9b4b4a9aac51c92175962c3 Mon Sep 17 00:00:00 2001
From: Luke Hagar
Date: Mon, 11 Mar 2024 11:07:57 -0500
Subject: [PATCH] Allowed secure httpOnly cookies
---
 src/lib/utils/oauth.ts | 12 +++---------
 src/routes/callback/+page.server.ts | 4 +---
 src/routes/logout/+page.server.ts | 12 ++++++------
 3 files changed, 10 insertions(+), 18 deletions(-)
diff --git a/src/lib/utils/oauth.ts b/src/lib/utils/oauth.ts
index bbc13a1..0846253 100644
--- a/src/lib/utils/oauth.ts
+++ b/src/lib/utils/oauth.ts
@@ -76,9 +76,7 @@ export function getTokenDetails(cookies: Cookies): TokenDetails | undefined {
 export function setTokenDetails(cookies: Cookies, tokenDetails: TokenDetails) {
 cookies.set('tokenDetails', encrypt(JSON.stringify(tokenDetails)), {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
 });
 }
@@ -120,15 +118,11 @@ export async function refreshToken(
 export async function logout(cookies: Cookies) {
 cookies.delete('session', {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
 });
 cookies.delete('idnSession', {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
 });
 }
diff --git a/src/routes/callback/+page.server.ts b/src/routes/callback/+page.server.ts
index 82ec5b2..28523f5 100644
--- a/src/routes/callback/+page.server.ts
+++ b/src/routes/callback/+page.server.ts
@@ -36,9 +36,7 @@ export const load: PageServerLoad = async ({ url, cookies, locals }) => {
 });
 cookies.set('idnSession', encrypt(JSON.stringify(response.data)), {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
 });
 return { counterList };
diff --git a/src/routes/logout/+page.server.ts b/src/routes/logout/+page.server.ts
index d2bbf2a..95f5575 100644
--- a/src/routes/logout/+page.server.ts
+++ b/src/routes/logout/+page.server.ts
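Review bot: In `setTokenDetails` the token cookie's protection now rests entirely on framework defaults, because the options object is reduced to `path: '/'` and nothing in the code says the omission is deliberate. Assuming `Cookies` is SvelteKit's, `httpOnly` and `secure` default to true and `sameSite` to `lax`, so the result is what the commit title intends, but a later edit could reintroduce `httpOnly: false` without anyone noticing the regression. I would add a comment above the options such as `// httpOnly/secure omitted on purpose: the framework defaults (both true) must apply to this token cookie`, and consider spelling out `sameSite: 'lax'` so the cross-site behaviour is visible at the call site. The same applies to the `idnSession` cookie set in the `src/routes/callback/+page.server.ts` hunk. Any client-side code that read these cookies while they were not httpOnly will stop seeing them; that is worth confirming before merge.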
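Review bot: The `logout(cookies)` helper in `src/lib/utils/oauth.ts` still clears only `session` and `idnSession`, while this same commit teaches the logout route to clear `tokenDetails` as well. Any caller that signs a user out through the helper therefore leaves the encrypted token cookie written by `setTokenDetails` in the browser. Adding `cookies.delete('tokenDetails', { path: '/' });` before the closing brace keeps the two logout paths in agreement.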
@@ -2,15 +2,15 @@ import { generateLogoutLink } from '$lib/utils/oauth.js';
 export const load = async ({ cookies, locals }) => {
 cookies.delete('session', {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
 });
 cookies.delete('idnSession', {
- path: '/',
- httpOnly: false,
- secure: false
+ path: '/'
+ });
+
+ cookies.delete('tokenDetails', {
+ path: '/'
 });
 console.log('Logging out');
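Review bot: The list of cookies to clear is now written out inline in this `load` and again in the `logout(cookies)` helper exported from `$lib/utils/oauth.js`, and the two copies can drift apart each time a cookie is added. Once the helper covers `tokenDetails` too, the three `cookies.delete(...)` calls here could become `await logout(cookies);`, with the import widened to `import { generateLogoutLink, logout } from '$lib/utils/oauth.js';`. Deleting the cookie removes only the browser's copy, and whether the tokens are also invalidated at the identity provider is not visible here, since `load` continues past the end of the hunk. A short comment stating which step revokes them would help the next reader.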