Refactor openid cookie options

Chocobozzz 2020-12-29 15:23:16 +01:00
parent b606abcfa2
commit 2dbeb03aed
No known key found for this signature in database
GPG Key ID: 583A612D890159BE


@ -189,21 +189,18 @@ async function loadSettingsAndCreateClient (registerExternalAuth, unregisterExte
state,
})
const encryptedCodeVerifier = await encrypt(codeVerifier)
res.cookie(cookieNamePrefix + 'code-verifier', encryptedCodeVerifier, {
const cookieOptions = {
secure: webserverUrl.startsWith('https://'),
httpOnly: true,
sameSite: 'none',
maxAge: 1000 * 60 * 10 // 10 minutes
})
}
const encryptedCodeVerifier = await encrypt(codeVerifier)
res.cookie(cookieNamePrefix + 'code-verifier', encryptedCodeVerifier, cookieOptions)
const encryptedState = await encrypt(state)
res.cookie(cookieNamePrefix + 'state', encryptedState, {
secure: webserverUrl.startsWith('https://'),
httpOnly: true,
sameSite: 'none',
maxAge: 1000 * 60 * 10 // 10 minutes
})
res.cookie(cookieNamePrefix + 'state', encryptedState, cookieOptions)
return res.redirect(redirectUrl)
} catch (err) {
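Review bot: The shared `cookieOptions` object pairs `sameSite: 'none'` with a `secure` flag that is false whenever `webserverUrl` is not https, and current browsers reject SameSite=None cookies that lack Secure. On a plain-http instance the code-verifier and state cookies would therefore likely not be stored, and the callback could not validate the flow. With the options now in one place, this can be settled once: if the provider returns to the callback through a top-level GET redirect (not visible in this hunk), `sameSite: 'lax'` is sufficient and keeps both cookies off cross-site subrequests. If `'none'` is required, a comment on that line such as `// SameSite=None needed because <reason>; only honoured over https` would record why. The enclosing function starts and ends outside the hunk.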