Updated security information
davenquinn committed Oct 19, 2024
1 parent 3f69e24 commit aadbd8c
Showing 1 changed file with 8 additions and 14 deletions.
22 changes: 8 additions & 14 deletions api/routes/security.py
Expand Up @@ -305,25 +305,19 @@ async def redirect_callback(code: str, state: Optional[str] = None):
response.set_cookie(
access_token_key,
f"Bearer {access_token}",
domain=domain,
httponly=True,
samesite="lax",
)
# Set the same cookie for localhost if we're doing a redirect to another domain (this is likely a dev mode request)
# We may want to restrict this to development environments in the future...
# if redirect_domain not in [domain, ""]:
response.set_cookie(
access_token_key,
f"Bearer {access_token}",
domain="localhost",
httponly=True,
samesite="lax",
)
response.set_cookie(
access_token_key,
f"Bearer {access_token}",
httponly=True,
)
if redirect_domain not in [domain, ""]:
response.set_cookie(
access_token_key,
f"Bearer {access_token}",
domain="localhost",
httponly=True,
samesite="lax",
)

return response
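Review bot: The access-token cookie is set without `secure=True` in both `response.set_cookie` calls that appear to make up the new side, the host-only call and the `domain="localhost"` one, so the bearer token can be sent over plain HTTP if the site is ever reached that way. The page has lost its +/- markers, so that reading of the new side is inferred from the 8/14 line counts. I would add `secure=True,` to the host-only call and write `samesite="lax",` there explicitly instead of relying on the framework default, since the call that seems to have been removed spelled it out. The `localhost` branch is keyed on `redirect_domain`, whose origin is not visible here; if it derives from the caller-supplied `state`, the existing comment about restricting this to development environments should become an actual environment check, and the stale `# if redirect_domain not in [domain, ""]:` comment can be dropped now that the real condition exists. `redirect_callback` begins above the hunk, so how `domain` and `redirect_domain` are computed could not be reviewed.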
