matt/monacousa-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: enforce secure cookie setting for session management
All checks were successful
Build And Push Image / docker (push) Successful in 2m47s
Details

Browse Source
This commit is contained in:
Matt
2025-08-07 14:05:14 +02:00
parent 98ef466022
commit eef81d7409
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/api/auth/direct-login.post.ts
View File

@@ -321,7 +321,7 @@ export default defineEventHandler(async (event) => {
// Use Nuxt's setCookie helper directly with the encrypted value
setCookie(event, 'monacousa-session', encrypted, {
httpOnly: true,
secure: process.env.NODE_ENV === 'production',
secure: true,
sameSite: 'lax',
maxAge,
path: '/',