(TP-77) feat: disable secure for development stage

Kattsyn · Kattsyn · commit ab7e62ce978e · 2025-05-02T23:43:06.000+03:00
diff --git a/rentplace/src/main/java/kattsyn/dev/rentplace/controllers/AuthController.java b/rentplace/src/main/java/kattsyn/dev/rentplace/controllers/AuthController.java
@@ -48,8 +48,8 @@ public ResponseEntity<JwtResponse> login(@RequestBody JwtRequest authRequest,
 
         ResponseCookie refreshCookie = ResponseCookie.from("refreshToken", tokens.getRefreshToken())
                 .httpOnly(true)
-                .secure(true) // обязательно для SameSite=None
-                .sameSite("None") // <== вот это ключевое
+                .secure(false) // на прод вернуть true
+                .sameSite("Lax") // вернуть None
                 .path("/")
                 .maxAge(Duration.ofDays(30)) // чтобы не исчезала
                 .build();
@@ -102,8 +102,8 @@ public ResponseEntity<JwtResponse> refresh(@CookieValue(name = "refreshToken") S
 
         ResponseCookie refreshCookie = ResponseCookie.from("refreshToken", jwtResponse.getRefreshToken())
                 .httpOnly(true)
-                .secure(true)
-                .sameSite("None")
+                .secure(false) // на прод вернуть true
+                .sameSite("Lax") // вернуть None
                 .path("/")
                 .maxAge(Duration.ofDays(30))
                 .build();
