propro-utils 1.6.7 → 1.6.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/src/server/middleware/cookieUtils.js +14 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "propro-utils",
3
- "version": "1.6.7",
3
+ "version": "1.6.8",
4
4
  "description": "Auth middleware for propro-auth",
5
5
  "main": "src/index.js",
6
6
  "scripts": {
package/src/server/middleware/cookieUtils.js CHANGED
@@ -126,9 +126,9 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
126
126
  if (domain?.includes("propro.so")) {
127
127
  // Handle both main domain and subdomains of propro.so
128
128
  if (domain.startsWith("short.")) {
129
- domain = "short.propro.so";
129
+ domain = ".short.propro.so";
130
130
  } else {
131
- domain = "propro.so";
131
+ domain = ".propro.so";
132
132
  }
133
133
  }
134
134
 
@@ -154,6 +154,8 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
154
154
  sameSite: isSecureConnection ? "None" : "Lax",
155
155
  domain,
156
156
  path: "/",
157
+ httpOnly: false,
158
+ expires: new Date(Date.now() + 365 * 24 * 60 * 60 * 1000),
157
159
  };
158
160
 
159
161
  console.log("Cookie attributes:", commonAttributes);
@@ -163,11 +165,13 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
163
165
  value: tokens.refresh.token,
164
166
  maxAge: refreshMaxAge,
165
167
  httpOnly: true,
168
+ secure: isSecureConnection,
166
169
  },
167
170
  "x-access-token": {
168
171
  value: tokens.access.token,
169
172
  maxAge: accessMaxAge,
170
173
  httpOnly: true,
174
+ secure: isSecureConnection,
171
175
  },
172
176
  };
173
177
 
@@ -179,14 +183,20 @@ const setAuthCookies = async (res, tokens, account, user, appUrl) => {
179
183
  user: {
180
184
  value: safeStringify(sanitizedUser),
181
185
  maxAge: refreshMaxAge,
186
+ httpOnly: false,
187
+ secure: isSecureConnection,
182
188
  },
183
189
  account: {
184
190
  value: safeStringify(sanitizedAccount),
185
191
  maxAge: refreshMaxAge,
192
+ httpOnly: false,
193
+ secure: isSecureConnection,
186
194
  },
187
195
  has_account_token: {
188
196
  value: JSON.stringify({ value: "true", expires: accessMaxAge }),
189
197
  maxAge: accessMaxAge,
198
+ httpOnly: false,
199
+ secure: isSecureConnection,
190
200
  },
191
201
  };
192
202
 
@@ -291,6 +301,8 @@ const clearAuthCookies = async (res, appUrl) => {
291
301
  sameSite: isSecureConnection ? "None" : "Lax",
292
302
  domain,
293
303
  path: "/",
304
+ httpOnly: false,
305
+ expires: new Date(0),
294
306
  };
295
307
 
296
308
  console.log("Clear cookie attributes:", commonAttributes);