fix(cookies): add sameSite lax

Mentor-Cycle · Jul 19, 2023 · 66eb086 · 66eb086
1 parent dec91c6
commit 66eb086
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 7 deletions.
diff --git a/src/common/auth/auth.guard.ts b/src/common/auth/auth.guard.ts
@@ -18,8 +18,7 @@ export class AuthGuard implements CanActivate {
     if (!isVerified) {
       res.clearCookie('token', {
         httponly: true,
-        samesite: 'none',
-        secure: true,
+        samesite: 'lax',
         path: '/',
       });
     }

diff --git a/src/common/utils/cookies.ts b/src/common/utils/cookies.ts
@@ -5,8 +5,7 @@ export function setCookies(res, token, expires): boolean {
 
   res.cookie('token', token, {
     httpOnly: true,
-    sameSite: 'none',
-    secure: true,
+    sameSite: 'lax',
     path: '/',
     expires,
   });

diff --git a/src/modules/user/user.resolver.ts b/src/modules/user/user.resolver.ts
@@ -121,8 +121,7 @@ export class UserResolver {
   async signOut(@Context('res') res: Response) {
     res.clearCookie('token', {
       httpOnly: true,
-      sameSite: 'none',
-      secure: true,
+      sameSite: 'lax',
       path: '/',
     });
 
@@ -168,7 +167,7 @@ export class UserResolver {
     if (!isValidToken) {
       res.clearCookie('token', {
         httpOnly: true,
-        sameSite: 'none',
+        sameSite: 'lax',
         secure: true,
         path: '/',
       });