@urga-panel/ur-panels-core 1.0.6 → 1.0.7
|
@@ -112,12 +112,14 @@ export class AuthService extends Service {
|
|
|
112
112
|
databaseId: result.user.databaseId,
|
|
113
113
|
databases: result.user.databases // databaseId eklendi
|
|
114
114
|
}, JWT_REFRESH_SECRET, { expiresIn: '7d' });
|
|
115
|
-
//
|
|
116
|
-
|
|
117
|
-
|
|
115
|
+
// --- ENVIRONMENT-BASED COOKIE SETTINGS ---
|
|
116
|
+
const isProd = process.env.NODE_ENV === 'production';
|
|
117
|
+
const domain = isProd ? '.urpanels.com' : '.local.test';
|
|
118
|
+
const secure = isProd ? 'Secure; ' : '';
|
|
119
|
+
const sameSite = isProd ? 'Strict' : 'Lax';
|
|
118
120
|
const headers = new Headers();
|
|
119
|
-
headers.append("Set-Cookie", `accessToken=${accessToken}; Path=/; Domain
|
|
120
|
-
headers.append("Set-Cookie", `refreshToken=${refreshToken}; Path=/; Domain
|
|
121
|
+
headers.append("Set-Cookie", `accessToken=${accessToken}; Path=/; Domain=${domain}; ${secure}HttpOnly; SameSite=${sameSite}; Max-Age=900`);
|
|
122
|
+
headers.append("Set-Cookie", `refreshToken=${refreshToken}; Path=/; Domain=${domain}; ${secure}HttpOnly; SameSite=${sameSite}; Max-Age=604800`);
|
|
121
123
|
headers.append("Content-Type", `application/json`);
|
|
122
124
|
return new Response(JSON.stringify({ status: "success", message: "valid credentials", data: { user: result.user } }), {
|
|
123
125
|
status: 200,
|
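Review bot: The new cookie settings fail open, because `isProd` is true only when `NODE_ENV` is exactly `'production'`; on a staging host, or wherever the variable is unset or misspelled, both the `accessToken` and `refreshToken` cookies are issued without `Secure` and with `SameSite=Lax`. Making the relaxed values the explicit opt-in would keep the strict ones as the default: `const isDev = process.env.NODE_ENV === 'development';`, `const secure = isDev ? '' : 'Secure; ';`, `const sameSite = isDev ? 'Lax' : 'Strict';`. The hard-coded `Domain=.urpanels.com` also makes the browser send the 7-day refresh token to every subdomain and appears to tie a shared core package to one deployment, so reading the domain from configuration, or omitting `Domain` to get a host-only cookie, is worth considering. The same block is repeated in the `abstract class AuthService` hunk at `-174,19 +174,22`, and the enclosing method starts and ends outside both hunks.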
package/package.json
CHANGED
|
@@ -174,19 +174,22 @@ export abstract class AuthService extends Service {
|
|
|
174
174
|
{ expiresIn: '7d' }
|
|
175
175
|
);
|
|
176
176
|
|
|
177
|
-
//
|
|
178
|
-
|
|
179
|
-
|
|
177
|
+
// --- ENVIRONMENT-BASED COOKIE SETTINGS ---
|
|
178
|
+
const isProd = process.env.NODE_ENV === 'production';
|
|
179
|
+
const domain = isProd ? '.urpanels.com' : '.local.test';
|
|
180
|
+
const secure = isProd ? 'Secure; ' : '';
|
|
181
|
+
const sameSite = isProd ? 'Strict' : 'Lax';
|
|
182
|
+
|
|
180
183
|
const headers = new Headers();
|
|
181
184
|
|
|
182
185
|
headers.append(
|
|
183
186
|
"Set-Cookie",
|
|
184
|
-
`accessToken=${accessToken}; Path=/; Domain
|
|
187
|
+
`accessToken=${accessToken}; Path=/; Domain=${domain}; ${secure}HttpOnly; SameSite=${sameSite}; Max-Age=900`
|
|
185
188
|
);
|
|
186
189
|
|
|
187
190
|
headers.append(
|
|
188
191
|
"Set-Cookie",
|
|
189
|
-
`refreshToken=${refreshToken}; Path=/; Domain
|
|
192
|
+
`refreshToken=${refreshToken}; Path=/; Domain=${domain}; ${secure}HttpOnly; SameSite=${sameSite}; Max-Age=604800`
|
|
190
193
|
);
|
|
191
194
|
headers.append(
|
|
192
195
|
"Content-Type",
|