set secure to true in cookies

Mystikfluu 2022-04-20 22:29:28 +02:00
parent acbc100824
commit 2c9f27b8de


@ -265,7 +265,7 @@ router.post("/register",async function(req,res) {
let ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress let ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress
let setTo = username + " " + SHA256(password) let setTo = username + " " + SHA256(password)
let cookiesigned = signature.sign(setTo, cookiesecret+ip); let cookiesigned = signature.sign(setTo, cookiesecret+ip);
res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: false }); res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: true, secure: true });
res.redirect("/user?success=true") res.redirect("/user?success=true")
}); });
}) })
@ -310,7 +310,7 @@ router.post("/login",async function(req,res) {
let ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress let ip = req.headers['x-forwarded-for'] || req.socket.remoteAddress
let setTo = username + " " + SHA256(password) let setTo = username + " " + SHA256(password)
let cookiesigned = signature.sign(setTo, cookiesecret+ip); let cookiesigned = signature.sign(setTo, cookiesecret+ip);
res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: false }); res.cookie('AUTH_COOKIE',cookiesigned, { maxAge: Math.pow(10,10), httpOnly: true, secure: true });
res.redirect("/user?success=true") res.redirect("/user?success=true")
} else { } else {
res.redirect("/login?success=false") res.redirect("/login?success=false")
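Review bot: The hardened `res.cookie('AUTH_COOKIE', …)` calls in both the /register and /login hunks still omit `sameSite`, so the auth cookie is sent on cross-site requests under whatever default the browser applies; `{ maxAge: Math.pow(10,10), httpOnly: true, secure: true, sameSite: 'lax' }` would state the policy explicitly. Separately, the value being signed is `username + " " + SHA256(password)`; if `signature.sign` only appends a MAC to the plaintext value (likely, but not confirmed from this page), the unsalted password hash stays readable in the cookie, and an opaque random session id would be safer to store. The signing key also mixes in `req.headers['x-forwarded-for']`, which is client-supplied unless a trusted proxy overwrites it, so the IP binding should not be relied on as a control. With `secure: true` the browser will not send the cookie over plain HTTP, so confirm that every deployment, including local development, serves these routes over TLS. Both handlers start and end outside the visible hunks.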