We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
2 parents 82fb174 + 419a726 commit f1607ceCopy full SHA for f1607ce
1 file changed
apps/api/app/core/cookies.py
@@ -4,21 +4,22 @@
4
5
6
def set_auth_cookies(response: Response, access_token: str, refresh_token: str) -> None:
7
- secure = settings.ENVIRONMENT == "production"
+ is_prod = settings.ENVIRONMENT == "production"
8
+ samesite = "none" if is_prod else "lax"
9
response.set_cookie(
10
key="access_token",
11
value=access_token,
12
httponly=True,
- secure=secure,
13
- samesite="lax",
+ secure=is_prod,
14
+ samesite=samesite,
15
max_age=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
16
)
17
18
key="refresh_token",
19
value=refresh_token,
20
21
22
23
max_age=settings.REFRESH_TOKEN_EXPIRE_DAYS * 24 * 60 * 60,
24
path="/api/auth/refresh",
25
0 commit comments