From cf303eb6c9b200d4f1a10f0c365c860d53c150e5 Mon Sep 17 00:00:00 2001 From: Felix Albrigtsen Date: Sat, 23 Apr 2022 13:39:24 +0200 Subject: [PATCH] cookie-related typos --- src/server/index.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/server/index.js b/src/server/index.js index 2c75a10..94eed5e 100644 --- a/src/server/index.js +++ b/src/server/index.js @@ -21,7 +21,7 @@ app.use(session({ secret: process.env.COOKIE_SECRET, rolling: true, cookie: { - secure: (process.env.COOKIE_SECRET == "true"), // All env vars are strings, so cast bool manually + secure: (process.env.COOKIE_SECURE == "true"), // All env vars are strings, so cast bool manually sameSite: 'strict', // Browsers will reject a "secure" cookie without this maxAge: 60 * 60 * 1000 // 1 hour (in milliseconds) } @@ -120,7 +120,6 @@ app.get('/auth/google/callback', }) .catch(err => { // User is not in the database at all, do not give them a session. - res.session.user = null; res.json({"status": "error", message: "Email is not in administrator list."}); return; });