archetecture security fix
This commit is contained in:
+31
@@ -0,0 +1,31 @@
|
||||
"use strict";
|
||||
Object.defineProperty(exports, "__esModule", { value: true });
|
||||
exports.getSessionCookieName = getSessionCookieName;
|
||||
exports.setSessionCookie = setSessionCookie;
|
||||
exports.clearSessionCookie = clearSessionCookie;
|
||||
const COOKIE_NAMES = {
|
||||
admin: 'admin_session',
|
||||
employee: 'employee_session',
|
||||
renter: 'renter_session',
|
||||
};
|
||||
function getSessionCookieName(actorType) {
|
||||
return COOKIE_NAMES[actorType];
|
||||
}
|
||||
function setSessionCookie(res, actorType, token, maxAgeMs) {
|
||||
res.cookie(getSessionCookieName(actorType), token, {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: actorType === 'admin' ? 'strict' : 'lax',
|
||||
path: '/',
|
||||
maxAge: maxAgeMs,
|
||||
});
|
||||
}
|
||||
function clearSessionCookie(res, actorType) {
|
||||
res.clearCookie(getSessionCookieName(actorType), {
|
||||
httpOnly: true,
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
sameSite: actorType === 'admin' ? 'strict' : 'lax',
|
||||
path: '/',
|
||||
});
|
||||
}
|
||||
//# sourceMappingURL=sessionCookies.js.map
|
||||
Reference in New Issue
Block a user