diff options
author | 2021-03-06 23:19:08 +0300 | |
---|---|---|
committer | 2021-03-06 23:19:08 +0300 | |
commit | 013ea9006352ed714cbbd561880770062ea3a0e9 (patch) | |
tree | 0cf23deeb078b91824b2ec72e75b2803be263613 /backend/routes/auth/authorize.py | |
parent | Merge pull request #58 from python-discord/token-expiry (diff) |
Sets Token Cookie To Same Site To Lax
Sets the authorization token cookie's security policy to lax, to allow
it to work on the site.
Signed-off-by: Hassan Abouelela <[email protected]>
Diffstat (limited to 'backend/routes/auth/authorize.py')
-rw-r--r-- | backend/routes/auth/authorize.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py index 26d8622..e00aef2 100644 --- a/backend/routes/auth/authorize.py +++ b/backend/routes/auth/authorize.py @@ -63,7 +63,7 @@ async def process_token(bearer_token: dict) -> Union[AuthorizeResponse, AUTH_FAI response.set_cookie( "token", f"JWT {token}", - secure=constants.PRODUCTION, httponly=True, samesite="strict", + secure=constants.PRODUCTION, httponly=True, samesite="lax", max_age=bearer_token["expires_in"] ) return response |