Use cookieOptions for pointer cookie (#2005)
This commit is contained in:
parent
bce4053b72
commit
5e2185c18f
@ -9,6 +9,7 @@ import { UserListRow } from '@/components/user-list'
|
||||
import Link from 'next/link'
|
||||
import AddIcon from '@/svgs/add-fill.svg'
|
||||
import { MultiAuthErrorBanner } from '@/components/banners'
|
||||
import { cookieOptions } from '@/lib/auth'
|
||||
|
||||
const AccountContext = createContext()
|
||||
|
||||
@ -16,10 +17,6 @@ const CHECK_ERRORS_INTERVAL_MS = 5_000
|
||||
|
||||
const b64Decode = str => Buffer.from(str, 'base64').toString('utf-8')
|
||||
|
||||
const maybeSecureCookie = cookie => {
|
||||
return window.location.protocol === 'https:' ? cookie + '; Secure' : cookie
|
||||
}
|
||||
|
||||
export const AccountProvider = ({ children }) => {
|
||||
const [accounts, setAccounts] = useState([])
|
||||
const [meAnon, setMeAnon] = useState(true)
|
||||
@ -115,7 +112,8 @@ const AccountListRow = ({ account, ...props }) => {
|
||||
e.preventDefault()
|
||||
|
||||
// update pointer cookie
|
||||
document.cookie = maybeSecureCookie(`multi_auth.user-id=${anonRow ? 'anonymous' : account.id}; Path=/`)
|
||||
const options = cookieOptions({ httpOnly: false })
|
||||
document.cookie = cookie.serialize('multi_auth.user-id', anonRow ? 'anonymous' : account.id, options)
|
||||
|
||||
// update state
|
||||
if (anonRow) {
|
||||
|
@ -11,7 +11,7 @@ const userJwtRegexp = /^multi_auth\.\d+$/
|
||||
const HTTPS = process.env.NODE_ENV === 'production'
|
||||
const SESSION_COOKIE_NAME = HTTPS ? '__Secure-next-auth.session-token' : 'next-auth.session-token'
|
||||
|
||||
const cookieOptions = (args) => ({
|
||||
export const cookieOptions = (args) => ({
|
||||
path: '/',
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
// httpOnly cookies by default
|
||||
|
Loading…
x
Reference in New Issue
Block a user