authorGravatar Hassan Abouelela <[email protected]>2021-03-07 03:05:08 +0300
committerGravatar Hassan Abouelela <[email protected]>2021-03-07 03:05:08 +0300
commit99e82b5ba80c45e0e0800db93f573929ee05feea (patch)
treeeaf51dd85f4f71424c978c61bf5f2cbac22b91b4
parentSwitches Forwarded Protocol Header (diff)
Corrects Token Cookie Domain
Removes the scheme from the token cookie's domain field. Signed-off-by: Hassan Abouelela <[email protected]>
-rw-r--r--backend/routes/auth/authorize.py6
1 files changed, 2 insertions, 4 deletions
diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py
index e782bcc..d4587f0 100644
--- a/backend/routes/auth/authorize.py
+++ b/backend/routes/auth/authorize.py
@@ -76,11 +76,9 @@ async def set_response_token(
) -> None:
"""Helper that handles logic for updating a token in a set-cookie response."""
origin_url = request.headers.get("origin")
- protocol = request.headers.get("X-Forwarded-Proto") or "https"
- stripped_domain = f"{protocol}://{request.url.netloc}/"
if origin_url == constants.PRODUCTION_URL:
- domain = stripped_domain
+ domain = request.url.netloc
samesite = "strict"
elif not constants.PRODUCTION:
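Review bot: `request.url.netloc` on the new `domain = ...` line in this hunk, and on the same line in the `else:` branch of the next hunk, still includes the port whenever the request carries one, and a cookie Domain attribute containing a port is not valid, so the token cookie may be rejected; `domain = request.url.hostname` avoids that. The value is also taken from the request's Host header, so unless the proxy in front pins that header, a configured constant would be a safer source for the cookie domain. Setting Domain at all makes the cookie visible to subdomains, whereas omitting it yields a host-only cookie, which is the tighter choice if subdomain sharing is not required. `set_response_token` starts and ends outside these hunks, so whether `secure` accompanies `samesite="None"` in the `set_cookie` call cannot be confirmed from here.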
@@ -88,7 +86,7 @@ async def set_response_token(
samesite = "strict"
else:
- domain = stripped_domain
+ domain = request.url.netloc
samesite = "None"
response.set_cookie(