FEAT: Enhance authentication session management with configurable cookie domain and improved token refresh logic

2025-06-16 17:53:43 +02:00
parent 3a83831a20
commit d436367ee6
11 changed files with 594 additions and 149 deletions


@@ -81,13 +81,17 @@ export default defineEventHandler(async (event) => {
createdAt: Date.now()
}
// Create session cookie with better security settings
// Create session cookie with proper session duration (8 hours = 28800 seconds)
// Not tied to access token lifetime since we'll refresh tokens automatically
const sessionDuration = 8 * 60 * 60; // 8 hours in seconds
const cookieDomain = process.env.COOKIE_DOMAIN || '.portnimara.dev';
setCookie(event, 'nuxt-oidc-auth', JSON.stringify(sessionData), {
httpOnly: true,
secure: true,
sameSite: 'lax',
maxAge: tokenResponse.expires_in,
domain: '.portnimara.dev',
maxAge: sessionDuration,
domain: cookieDomain,
path: '/'
})
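Review bot: The fallback in `const cookieDomain = process.env.COOKIE_DOMAIN || '.portnimara.dev';` keeps the production parent domain hard-coded, so a deployment that forgets to set COOKIE_DOMAIN silently gets a session cookie scoped to every subdomain of that domain, or one the browser rejects on any other host. A host-only cookie is the tighter default: `const cookieDomain = process.env.COOKIE_DOMAIN || undefined;`, which should leave the Domain attribute off when the variable is unset. Separately, `maxAge: sessionDuration` is enforced only by the browser, and the value is written as plain `JSON.stringify(sessionData)` in the visible lines, so the 8-hour limit should also be checked server-side against `createdAt` wherever the cookie is read; whether the value is signed or encrypted elsewhere is not visible here. The handler body starts above the hunk.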