drexa/drive
1
0
Fork 0
mirror of https://github.com/get-drexa/drive.git synced 2026-02-02 23:41:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(backend): remove unused secure cookie config

Browse Source
This commit is contained in:
Kenneth
2025-12-29 00:19:44 +00:00
parent f4620dff3a
commit c3a173de66
5 changed files with 3 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
apps/backend/internal/auth/cookies.go
View File

@@ -11,10 +11,6 @@ type CookieConfig struct {
// Domain for cross-subdomain cookies (e.g., "app.com" for web.app.com + api.app.com).
// Leave empty for same-host cookies (localhost, single domain).
Domain string
// Secure controls whether cookies are only sent over HTTPS.
// If nil, automatically set based on request protocol (true for HTTPS, false for HTTP).
// If explicitly set, this value is used regardless of protocol.
Secure *bool
}
// authCookies returns auth cookies from the given fiber context.
@@ -33,8 +29,7 @@ func authCookies(c *fiber.Ctx) map[string]string {
}
// SetAuthCookies sets HTTP-only auth cookies with security settings derived from the request.
// Secure flag is based on actual protocol (works automatically with proxies/tunnels),
// unless explicitly set in cfg.Secure.
// Secure flag is based on the request protocol (works automatically with proxies/tunnels).
func SetAuthCookies(c *fiber.Ctx, accessToken, refreshToken string, cfg CookieConfig) {
secure := c.Protocol() == "https"