Refactor login cookie with cookieOptions function (#2003)

2025-03-22 19:36:04 -05:00 · 2025-03-22 19:36:04 -05:00 · 9b08988402
commit 9b08988402
parent b54268a88f
1 changed files with 11 additions and 9 deletions
--- a/components/login.js
+++ b/components/login.js
@ -9,6 +9,9 @@ import { NostrAuthWithExplainer } from './nostr-auth'
 import LoginButton from './login-button'
 import { emailSchema } from '@/lib/validate'
 import { OverlayTrigger, Tooltip } from 'react-bootstrap'
+import { datePivot } from '@/lib/time'
+import * as cookie from 'cookie'
+import { cookieOptions } from '@/lib/auth'

 export function EmailLoginForm ({ text, callbackUrl, multiAuth }) {
  const disabled = multiAuth
@ -59,15 +62,14 @@ export default function Login ({ providers, callbackUrl, multiAuth, error, text,

  // signup/signin awareness cookie
  useEffect(() => {
-    const cookieOptions = [
-      `signin=${!!signin}`,
-      'path=/',
-      'max-age=' + (signin ? 60 * 60 * 24 : 0), // 24 hours if signin is true, expire the cookie otherwise
-      'SameSite=Lax',
-      process.env.NODE_ENV === 'production' ? 'Secure' : ''
-    ].filter(Boolean).join(';')
-
-    document.cookie = cookieOptions
+    // expire cookie if we're on /signup instead of /login
+    // since the server will only check if the cookie is set, not its value
+    const options = cookieOptions({
+      expires: signin ? datePivot(new Date(), { hours: 24 }) : 0,
+      maxAge: signin ? 86400 : 0,
+      httpOnly: false
+    })
+    document.cookie = cookie.serialize('signin', signin, options)
  }, [signin])

  if (router.query.type === 'lightning') {