gburri/recipes
1
0
Fork 0
Code Issues 6 Pull requests Projects Releases Packages Wiki Activity Actions

Set authentication cookie as secure

Browse source
This commit is contained in:
Greg Burri 2025-05-07 21:47:24 +02:00
parent 6f014ef238
commit f9899c1aeb
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
backend/src/services/user.rs
View file

@ -237,6 +237,7 @@ pub async fn sign_up_validation(
{ {
db::user::ValidationResult::Ok(token, user_id) => { db::user::ValidationResult::Ok(token, user_id) => {
let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token)) let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token))
.secure(true)
.same_site(cookie::SameSite::Strict); .same_site(cookie::SameSite::Strict);
jar = jar.add(cookie); jar = jar.add(cookie);
let user = connection.load_user(user_id).await?; let user = connection.load_user(user_id).await?;
@ -367,6 +368,7 @@ pub async fn sign_in_post(
} }
db::user::SignInResult::Ok(token, _user_id) => { db::user::SignInResult::Ok(token, _user_id) => {
let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token)) let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token))
.secure(true)
.same_site(cookie::SameSite::Strict); .same_site(cookie::SameSite::Strict);
Ok(( Ok((
jar.add(cookie), jar.add(cookie),
@ -974,6 +976,7 @@ pub async fn email_revalidation(
{ {
db::user::ValidationResult::Ok(token, user_id) => { db::user::ValidationResult::Ok(token, user_id) => {
let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token)) let cookie = Cookie::build((consts::COOKIE_AUTH_TOKEN_NAME, token))
.secure(true)
.same_site(cookie::SameSite::Strict); .same_site(cookie::SameSite::Strict);
jar = jar.add(cookie); jar = jar.add(cookie);
let user = connection.load_user(user_id).await?; let user = connection.load_user(user_id).await?;