fix: pass the entire sacred cookie settings on clear

bjarneo · bjarneo · commit 966e249029eb · 2024-04-26T09:02:34.000+02:00
diff --git a/server/controllers/authentication.js b/server/controllers/authentication.js
@@ -170,10 +170,9 @@ async function authentication(fastify) {
     );
 
     fastify.post('/signout', async (_, reply) => {
-        reply.clearCookie(COOKIE_KEY_PUBLIC, { path: '/' });
-
-        // clear the http only cookie by setting an expired date
-        reply.setCookie(COOKIE_KEY, '', { path: '/', expires: new Date(0) });
+        reply
+            .clearCookie(COOKIE_KEY_PUBLIC, { path: '/' })
+            .clearCookie(COOKIE_KEY, '', SACRED_COOKIE_SETTINGS);
 
         return {
             signout: 'ok',
