propro-utils 1.4.50 → 1.4.52

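--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "propro-utils",
- "version": "1.4.50",
+ "version": "1.4.52",
  "description": "Auth middleware for propro-auth",
  "main": "src/index.js",
  "scripts": {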
@@ -121,7 +121,7 @@ function proproAuthMiddleware(options = {}, userSchema) {
121
121
 
122
122
  const user = await checkIfUserExists(userSchema, account.accountId);
123
123
 
124
- setAuthCookies(res, tokens, account, user);
124
+ setAuthCookies(res, tokens, account, user, redirectUrl);
125
125
 
126
126
  const urlToRedirect = formatRedirectUrl(redirectUrl);
127
127
 
@@ -5,36 +5,43 @@
5
5
  * @param {Object} tokens - The authentication tokens.
6
6
  * @param {Object} account - The user's account information.
7
7
  * @param {Object} user - The user's information.
8
+ * @param {string} redirectUrl - The URL to redirect the user to.
8
9
  */
9
- const setAuthCookies = (res, tokens, account, user) => {
10
+ const setAuthCookies = (res, tokens, account, user, redirectUri) => {
10
11
  const currentDateTime = new Date();
11
12
 
12
13
  const refreshMaxAge =
13
14
  new Date(tokens.refresh.expires).getTime() - currentDateTime.getTime();
15
+ const accessMaxAge =
16
+ new Date(tokens.access.expires).getTime() - currentDateTime.getTime();
17
+
18
+ const commonAttributes = {
19
+ secure: process.env.NODE_ENV === 'production',
20
+ // sameSite: 'Strict',
21
+ // path: '/',
22
+ domain: redirectUri ? new URL(redirectUri).hostname : undefined,
23
+ };
14
24
 
15
25
  res.cookie('x-refresh-token', tokens.refresh.token, {
16
26
  httpOnly: true,
17
- secure: process.env.NODE_ENV === 'production',
18
27
  maxAge: refreshMaxAge,
28
+ ...commonAttributes,
19
29
  });
20
30
 
21
- const accessMaxAge =
22
- new Date(tokens.access.expires).getTime() - currentDateTime.getTime();
23
-
24
31
  res.cookie('x-access-token', tokens.access.token, {
25
32
  httpOnly: true,
26
- secure: process.env.NODE_ENV === 'production',
27
33
  maxAge: accessMaxAge,
34
+ ...commonAttributes,
28
35
  });
29
36
 
30
37
  res.cookie('user', JSON.stringify(user), {
31
38
  maxAge: refreshMaxAge,
32
- secure: process.env.NODE_ENV === 'production',
39
+ ...commonAttributes,
33
40
  });
34
41
 
35
42
  res.cookie('account', JSON.stringify(account), {
36
43
  maxAge: refreshMaxAge,
37
- secure: process.env.NODE_ENV === 'production',
44
+ ...commonAttributes,
38
45
  });
39
46
 
40
47
  res.cookie(
@@ -42,7 +49,7 @@ const setAuthCookies = (res, tokens, account, user) => {
42
49
  JSON.stringify({ value: 'true', expires: accessMaxAge }),
43
50
  {
44
51
  maxAge: accessMaxAge,
45
- secure: process.env.NODE_ENV === 'production',
52
+ ...commonAttributes,
46
53
  }
47
54
  );
48
55
  };
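Review bot: The `domain` attribute in `commonAttributes` is taken from `new URL(redirectUri).hostname`, so the scope of the `x-access-token` and `x-refresh-token` cookies now depends on a redirect target whose origin is not visible in this diff; if that value can be influenced by the request, the tokens are either issued as domain cookies sent to every subdomain of that host, or dropped by the browser when the host does not match the responding server. `new URL()` also throws on a relative or scheme-less value, and the call site in `proproAuthMiddleware` passes the raw `redirectUrl` before `formatRedirectUrl(redirectUrl)` runs, so an unnormalised value may raise inside the middleware. Resolve the cookie domain against a deployment-configured allowlist and fall back to a host-only cookie otherwise, as sketched below. Separately, the JSDoc documents `redirectUrl` while the parameter is named `redirectUri`, and `sameSite` is left commented out, so these cookies rely on the browser default; the function's doc comment starts outside the hunk.

```javascript
// … unchanged: refreshMaxAge / accessMaxAge computation …

// ALLOWED_COOKIE_DOMAINS is a placeholder for a deployment-configured list;
// it is not defined anywhere in the visible diff.
let cookieDomain;
if (redirectUri) {
  let host;
  try {
    host = new URL(redirectUri).hostname;
  } catch {
    host = undefined; // relative or malformed URL: keep a host-only cookie
  }
  if (host && ALLOWED_COOKIE_DOMAINS.includes(host)) {
    cookieDomain = host;
  }
}

const commonAttributes = {
  secure: process.env.NODE_ENV === 'production',
  domain: cookieDomain,
};

// … unchanged: res.cookie(...) calls …
```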