monkee
/
Sharkey
mirror of https://git.joinsharkey.org/Sharkey/Sharkey.git
1
0
Fork 1
Code Issues Packages Projects Wiki Activity

merge: make cookie a bit more secure - fixes #445 (!468) 

View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/468

Closes #445

Approved-by: Luna <her@mint.lgbt>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
This commit is contained in:
dakkar 2024-03-14 14:47:38 +00:00
parent aa7035a35a 6826e43ad7
commit 94aed953b5
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
packages/frontend/src/account.ts
View File

@ -43,6 +43,7 @@ export async function signout() {
waiting();
miLocalStorage.removeItem('account');
await removeAccount($i.id);
document.cookie = `token=; path=/; max-age=0${ location.protocol === 'https:' ? '; Secure' : ''}`;
const accounts = await getAccounts();
//#region Remove service worker registration
@ -200,7 +201,7 @@ export async function login(token: Account['token'], redirect?: string) {
throw reason;
});
miLocalStorage.setItem('account', JSON.stringify(me));
document.cookie = `token=${token}; path=/; max-age=31536000`; // bull dashboardの認証とかで使う
document.cookie = `token=${token}; path=/; max-age=31536000${ location.protocol === 'https:' ? '; Secure' : ''}`; // bull dashboardの認証とかで使う
await addAccount(me.id, token);
if (redirect) {