ico
/
pingql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: sameSite=none for cross-origin cookie (pingql.com → api.pingql.com)

This commit is contained in:
M1 2026-03-18 11:41:00 +04:00
parent 5a0cf5033b
commit 1a7bc4dfa5
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/api/src/routes/auth.ts
View File

@ -78,7 +78,7 @@ export function requireAuth(app: Elysia) {
const COOKIE_OPTS = {
httpOnly: true,
secure: process.env.COOKIE_SECURE !== "false",
sameSite: "lax" as const,
sameSite: "none" as const,
path: "/",
domain: process.env.COOKIE_DOMAIN ?? ".pingql.com",
maxAge: 60 * 60 * 24 * 30, // 30 days

2
apps/web/src/routes/auth.ts
View File

@ -78,7 +78,7 @@ export function requireAuth(app: Elysia) {
const COOKIE_OPTS = {
httpOnly: true,
secure: process.env.COOKIE_SECURE !== "false",
sameSite: "lax" as const,
sameSite: "none" as const,
path: "/",
domain: process.env.COOKIE_DOMAIN ?? ".pingql.com",
maxAge: 60 * 60 * 24 * 30, // 30 days