fix(core): set JWT authentication token sameSite policy to lax (#4425)

set authentication token sameSite policy to lax
Michael Auerswald 2022-10-24 15:05:30 +02:00 committed by GitHub
parent 5745027cee
commit 1f4eaeb3ae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -63,5 +63,9 @@ export async function resolveJwt(token: string): Promise<User> {
export async function issueCookie(res: Response, user: User): Promise<void> {
const userData = issueJWT(user);
res.cookie(AUTH_COOKIE_NAME, userData.token, { maxAge: userData.expiresIn, httpOnly: true });
res.cookie(AUTH_COOKIE_NAME, userData.token, {
maxAge: userData.expiresIn,
httpOnly: true,
sameSite: 'lax',
});
}
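Review bot: The new options object in issueCookie still omits `secure`, so the cookie carrying the auth JWT may also be sent over plain HTTP wherever the instance is reachable that way. Consider adding `secure: true,` whenever the deployment is served over HTTPS, derived from however the project already knows its protocol. `sameSite: 'lax'` still attaches the cookie to top-level cross-site GET navigations, so it only helps against CSRF if no GET route changes state. A one-line comment above the call, such as `// lax: sent on top-level navigations only; state-changing routes must not be GET`, would record that assumption. Whether `userData.expiresIn` is in milliseconds, as Express's `maxAge` expects, is not visible in this hunk and is worth confirming against issueJWT.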