nathanwoodburn/eth-oidc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove secure cookie for easier local testing

Browse Source 
Still rely on samesite and httponly
This commit is contained in:
Simon Bihel 2022-08-19 11:31:46 +01:00
parent 3c61d2308f
commit 5ae46af107
No known key found for this signature in database
GPG Key ID: B7013150BEAA28FD
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/oidc.rs
View File

@ -1,6 +1,6 @@
use anyhow::{anyhow, Result}; use anyhow::{anyhow, Result};
use chrono::{Duration, Utc}; use chrono::{Duration, Utc};
use cookie::Cookie; use cookie::{Cookie, SameSite};
use ethers_core::{types::H160, utils::to_checksum}; use ethers_core::{types::H160, utils::to_checksum};
use headers::{self, authorization::Bearer}; use headers::{self, authorization::Bearer};
use hex::FromHex; use hex::FromHex;
@ -440,9 +440,7 @@ pub async fn authorize(
) )
.await?; .await?;
let session_cookie = Cookie::build(SESSION_COOKIE_NAME, session_id.to_string()) let session_cookie = Cookie::build(SESSION_COOKIE_NAME, session_id.to_string())
// .domain(base) .same_site(SameSite::Strict)
// .path("/")
.secure(true)
.http_only(true) .http_only(true)
.max_age(cookie::time::Duration::seconds( .max_age(cookie::time::Duration::seconds(
SESSION_LIFETIME.try_into().unwrap(), SESSION_LIFETIME.try_into().unwrap(),