wibu/monitoring-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add Secure flag to session cookies in production

Browse Source
This commit is contained in:
amaliadwiy
2026-05-07 11:12:30 +08:00
parent f3c90ba290
commit f469faf740
1 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/app.ts
View File

@@ -11,6 +11,9 @@ import { getMinioDownloadUrl, uploadBugImage } from './lib/minio'
import { addConnection, broadcastToAdmins, getOnlineUserIds, removeConnection } from './lib/presence' import { addConnection, broadcastToAdmins, getOnlineUserIds, removeConnection } from './lib/presence'
import { parseSchema } from './lib/schema-parser' import { parseSchema } from './lib/schema-parser'
const isProduction = process.env.NODE_ENV === 'production'
const cookieFlags = isProduction ? '; Secure' : ''
function getPublicOrigin(request: Request): string { function getPublicOrigin(request: Request): string {
if (process.env.BUN_PUBLIC_BASE_URL) return process.env.BUN_PUBLIC_BASE_URL.replace(/\/$/, '') if (process.env.BUN_PUBLIC_BASE_URL) return process.env.BUN_PUBLIC_BASE_URL.replace(/\/$/, '')
const url = new URL(request.url) const url = new URL(request.url)
@@ -127,7 +130,7 @@ export function createApp() {
}) })
const headers = new Headers() const headers = new Headers()
headers.set('Location', `https://accounts.google.com/o/oauth2/v2/auth?${params}`) headers.set('Location', `https://accounts.google.com/o/oauth2/v2/auth?${params}`)
headers.set('Set-Cookie', `oauth_state=${state}; Path=/; HttpOnly; SameSite=Lax; Max-Age=600`) headers.set('Set-Cookie', `oauth_state=${state}; Path=/; HttpOnly; SameSite=Lax; Max-Age=600${cookieFlags}`)
return new Response(null, { status: 302, headers }) return new Response(null, { status: 302, headers })
}, { }, {
detail: { detail: {
@@ -212,8 +215,8 @@ export function createApp() {
const redirectPath = user.role === 'DEVELOPER' ? '/dev' : user.role === 'USER' ? '/profile' : '/dashboard' const redirectPath = user.role === 'DEVELOPER' ? '/dev' : user.role === 'USER' ? '/profile' : '/dashboard'
const headers = new Headers() const headers = new Headers()
headers.append('Location', redirectPath) headers.append('Location', redirectPath)
headers.append('Set-Cookie', `session=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=86400`) headers.append('Set-Cookie', `session=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=86400${cookieFlags}`)
headers.append('Set-Cookie', 'oauth_state=; Path=/; HttpOnly; Max-Age=0') headers.append('Set-Cookie', `oauth_state=; Path=/; HttpOnly; Max-Age=0${cookieFlags}`)
return new Response(null, { status: 302, headers }) return new Response(null, { status: 302, headers })
}, { }, {
detail: { detail: {
@@ -241,7 +244,7 @@ export function createApp() {
const token = crypto.randomUUID() const token = crypto.randomUUID()
const expiresAt = new Date(Date.now() + 24 * 60 * 60 * 1000) // 24 hours const expiresAt = new Date(Date.now() + 24 * 60 * 60 * 1000) // 24 hours
await prisma.session.create({ data: { token, userId: user.id, expiresAt } }) await prisma.session.create({ data: { token, userId: user.id, expiresAt } })
set.headers['set-cookie'] = `session=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=86400` set.headers['set-cookie'] = `session=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=86400${cookieFlags}`
await createSystemLog(user.id, 'LOGIN', 'Logged in successfully') await createSystemLog(user.id, 'LOGIN', 'Logged in successfully')
return { user: { id: user.id, name: user.name, email: user.email, role: user.role, image: user.image } } return { user: { id: user.id, name: user.name, email: user.email, role: user.role, image: user.image } }
}, { }, {
@@ -266,7 +269,7 @@ export function createApp() {
await prisma.session.deleteMany({ where: { token } }) await prisma.session.deleteMany({ where: { token } })
} }
} }
set.headers['set-cookie'] = 'session=; Path=/; HttpOnly; Max-Age=0' set.headers['set-cookie'] = `session=; Path=/; HttpOnly; Max-Age=0${cookieFlags}`
return { ok: true } return { ok: true }
}, { }, {
detail: { detail: {