strapi-security-suite 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/server/index.js +9 -4
  2. package/dist/server/index.mjs +9 -4
  3. package/package.json +1 -1
package/dist/server/index.js CHANGED
@@ -106,11 +106,16 @@ function clearSessionCookies(ctx) {
106
106
  path: "/admin",
107
107
  httpOnly: true
108
108
  });
109
- ctx.cookies.set(COOKIES.JWT_TOKEN, "", {
109
+ const configuredSecure = strapi.config.get("admin.auth.cookie.secure");
110
+ const isProduction = process.env.NODE_ENV === "production";
111
+ const jwtClearOpts = {
110
112
  expires: /* @__PURE__ */ new Date(0),
111
- path: "/",
112
- httpOnly: false
113
- });
113
+ httpOnly: false,
114
+ secure: typeof configuredSecure === "boolean" ? configuredSecure : isProduction,
115
+ domain: strapi.config.get("admin.auth.domain"),
116
+ overwrite: true
117
+ };
118
+ ctx.cookies.set(COOKIES.JWT_TOKEN, "", jwtClearOpts);
114
119
  }
115
120
  async function trackActivity(ctx, next) {
116
121
  const adminUser = ctx.state[CTX_ADMIN_USER];
package/dist/server/index.mjs CHANGED
@@ -103,11 +103,16 @@ function clearSessionCookies(ctx) {
103
103
  path: "/admin",
104
104
  httpOnly: true
105
105
  });
106
- ctx.cookies.set(COOKIES.JWT_TOKEN, "", {
106
+ const configuredSecure = strapi.config.get("admin.auth.cookie.secure");
107
+ const isProduction = process.env.NODE_ENV === "production";
108
+ const jwtClearOpts = {
107
109
  expires: /* @__PURE__ */ new Date(0),
108
- path: "/",
109
- httpOnly: false
110
- });
110
+ httpOnly: false,
111
+ secure: typeof configuredSecure === "boolean" ? configuredSecure : isProduction,
112
+ domain: strapi.config.get("admin.auth.domain"),
113
+ overwrite: true
114
+ };
115
+ ctx.cookies.set(COOKIES.JWT_TOKEN, "", jwtClearOpts);
111
116
  }
112
117
  async function trackActivity(ctx, next) {
113
118
  const adminUser = ctx.state[CTX_ADMIN_USER];
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "strapi-security-suite",
3
- "version": "0.3.2",
3
+ "version": "0.3.3",
4
4
  "description": "All-in-one authentication and session security plugin for Strapi v5",
5
5
  "license": "MIT",
6
6
  "author": "(LPIX-11) <mohamed.johnson@orange-sonatel.com>",