From 54fd22c22ef1213ab5a8096d15f6f4cc79ac0998 Mon Sep 17 00:00:00 2001
From: Hassan Abouelela <47495861+HassanAbouelela@users.noreply.github.com>
Date: Sun, 21 Feb 2021 01:10:34 +0300
Subject: Saves Username & Scopes On `/` Path

Explicitly sets the path attribute of username and scope cookies, to ensure they work correctly across page transitions, and to match the actual authorization cookie.

Signed-off-by: Hassan Abouelela <47495861+HassanAbouelela@users.noreply.github.com>
---
 src/api/auth.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/api/auth.ts b/src/api/auth.ts
index 1aba307..7bdf2bb 100644
--- a/src/api/auth.ts
+++ b/src/api/auth.ts
@@ -218,7 +218,7 @@ export async function refreshBackendJWT(): Promise {
 let pass = true;
 APIClient.post("/auth/refresh").then((response: AxiosResponse) => {
- cookies.set(CookieNames.Username, response.data.username, {sameSite: "strict", secure: PRODUCTION});
+ cookies.set(CookieNames.Username, response.data.username, {sameSite: "strict", secure: PRODUCTION, path: "/"});
 const expiry = Date.parse(response.data.expiry);
 setTimeout(refreshBackendJWT, (expiry * 0.9));
@@ -250,7 +250,7 @@ export default async function authorize(scopes: OAuthScopes[] = [], disableFunct
 if (disableFunction) { disableFunction(true); }
 await getDiscordCode(scopes).then(async discord_response =>{
 await requestBackendJWT(discord_response.code).then(backend_response => {
- const options: CookieSetOptions = {sameSite: "strict", secure: PRODUCTION};
+ const options: CookieSetOptions = {sameSite: "strict", secure: PRODUCTION, path: "/"};
 cookies.set(CookieNames.Username, backend_response.username, options);
 options.maxAge = backend_response.maxAge;
--
cgit v1.2.3
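Review bot: The refresh timer two lines below the changed `cookies.set` is armed with an absolute timestamp instead of the remaining token lifetime. `Date.parse(response.data.expiry)` returns milliseconds since the epoch, so `expiry * 0.9` is far beyond the 32-bit delay range `setTimeout` accepts, and the refresh will not run at 90% of the lifetime as the expression suggests. Deriving the delay from the time left, e.g. `setTimeout(refreshBackendJWT, (expiry - Date.now()) * 0.9);`, would match the apparent intent. The body of `refreshBackendJWT` continues outside the hunk, so any handling of this elsewhere is not visible here.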
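Review bot: With `path: "/"` now explicit on the username and scope cookies, whatever clears them on logout or on a failed refresh must pass the same path, otherwise the removal will not match these cookies. That code is not in this hunk; if it removes by name only, it needs the same option, e.g. `{path: "/"}` as the options argument of the removal call. Copies written before this change were presumably stored under the path of the page that set them and will persist next to the new ones until they expire, so a one-time cleanup may be worth adding. Because these cookies are written from script they cannot be HttpOnly, so the backend should treat them as display state only and never as proof of identity or granted scopes. `authorize` starts and ends outside the hunk.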