import { addMinutes } from 'topkat-utils'
import { getPluginConfig } from '../../plugins/pluginSystem'
/**
 * Attach the refresh token to the response as a `refreshToken` cookie.
 *
 * For the `preprod`, `production` and `development` environments one cookie
 * is written per entry of the route list below, so the browser only sends the
 * refresh token back on requests under those paths. For any other environment
 * a single cookie is written with no explicit path.
 *
 * NOTE(review): `development` is path-scoped here, while `setCookie` does not
 * treat it as prod-like when it picks `sameSite` and `domain`. Confirm that
 * the difference is intended.
 *
 * @param ctx request context; `ctx.env` selects the scoping strategy
 * @param refreshToken token value stored in the cookie
 */
export function setRefreshTokenCookie(ctx: Ctx, refreshToken: string) {
  const scopeToRoutes = ctx.env === 'preprod' || ctx.env === 'production' || ctx.env === 'development'

  if (!scopeToRoutes) {
    // No path restriction: the cookie library's default path applies.
    setCookie(ctx, 'refreshToken', refreshToken)
    return
  }

  // Only these routes need to receive the refresh token.
  const tokenRoutes = ['/logout', '/get-new-token', '/update-password-with-old-password']
  tokenRoutes.forEach(route => {
    setCookie(ctx, 'refreshToken', refreshToken, route)
  })
}
/**
 * Attach the CSRF token to the response as a `csrfToken` cookie, with no
 * explicit path.
 *
 * The cookie is written through `setCookie`, which sets `httpOnly: true`, so
 * page scripts cannot read it back.
 * NOTE(review): if the client has to echo this value in a header or form
 * field, confirm that it receives the token through another channel.
 *
 * @param ctx request context carrying the response object
 * @param csrfToken token value stored in the cookie
 */
export function setCsrfTokenCookie(ctx: Ctx, csrfToken: string) {
  const cookieName = 'csrfToken'
  setCookie(ctx, cookieName, csrfToken)
}
/**
 * Write one cookie on the outgoing response (`ctx.api.res.cookie`).
 *
 * Every cookie is `httpOnly` and `secure`. `sameSite` and `domain` depend on
 * `ctx.env`: `preprod` and `production` get `sameSite: 'strict'` and the
 * `.bangk.app` domain, every other environment gets `sameSite: 'none'` and no
 * explicit domain.
 *
 * @param ctx request context; supplies `env` and the response object
 * @param cookieName name of the cookie
 * @param cookieValue value stored in the cookie
 * @param path optional path restriction; when omitted the cookie library's
 *   default applies (the original comment states '/')
 */
function setCookie(ctx: Ctx, cookieName: string, cookieValue: string, path?: string) {
  const loginConfig = getPluginConfig('GDmanagedLogin')
  // The cookie expires 2 minutes after the configured refresh-token lifetime.
  const lifetimeMinutes = loginConfig.refreshTokenExpirationMinutes + 2
  const expires = addMinutes(new Date(), lifetimeMinutes, 'date')
  const strictEnv = ctx.env === 'preprod' || ctx.env === 'production'

  ctx.api.res.cookie(cookieName, cookieValue, {
    // Keep the value out of reach of page JavaScript.
    httpOnly: true,
    // HTTPS-only (browsers also accept localhost); SameSite=None requires this flag.
    secure: true,
    // 'strict' withholds the cookie from cross-site requests, which helps
    // mitigate CSRF. With 'none' the cookie is sent cross-site, so outside
    // preprod/production SameSite adds no CSRF protection.
    sameSite: strictEnv ? 'strict' : 'none',
    // In preprod/production the cookie is shared with every subdomain of
    // bangk.app; otherwise it stays bound to the host that set it.
    domain: strictEnv ? '.bangk.app' : undefined,
    path,
    expires,
  })
}