feat: stronger logout

author: Fuwn <[email protected]> 2024-02-06 02:29:07 -0800
committer: Fuwn <[email protected]> 2024-02-06 02:29:07 -0800
commit: d1be3ef67a4e403dc9ee76d97b156eda57adafff (patch)
tree: 4306fe316cb9322317ef0cd1feb016f2eb533b91 /src/routes/api/oauth/refresh
parent: feat(layout): remove stores using localstorage (diff)
download: due.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.tar.xz
due.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.zip
1 files changed, 2 insertions, 3 deletions
diff --git a/src/routes/api/oauth/refresh/+server.ts b/src/routes/api/oauth/refresh/+server.ts
index 8bfac6e6..b2b36db2 100644
--- a/src/routes/api/oauth/refresh/+server.ts
+++ b/src/routes/api/oauth/refresh/+server.ts
@@ -1,4 +1,3 @@
-import { dev } from '$app/environment';
 import { env } from '$env/dynamic/private';
 import { env as env2 } from '$env/dynamic/public';
 import { redirect } from '@sveltejs/kit';
@@ -21,9 +20,9 @@ export const GET = async ({ url, cookies }) => {
 	cookies.set('user', JSON.stringify(newUser), {
 		path: '/',
 		maxAge: 60 * 60 * 24 * 7,
-		httpOnly: true,
+		httpOnly: false,
 		sameSite: 'lax',
-		secure: !dev
+		secure: false
 	});
 
 	if (url.searchParams.get('redirect')) throw redirect(303, '/');
author	Fuwn <[email protected]>	2024-02-06 02:29:07 -0800
committer	Fuwn <[email protected]>	2024-02-06 02:29:07 -0800
commit	d1be3ef67a4e403dc9ee76d97b156eda57adafff (patch)
tree	4306fe316cb9322317ef0cd1feb016f2eb533b91 /src/routes/api/oauth/refresh
parent	feat(layout): remove stores using localstorage (diff)
download	due.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.tar.xz due.moe-d1be3ef67a4e403dc9ee76d97b156eda57adafff.zip