Skip to content

Commit

Permalink
feat: added cookie settings for the security util
Browse files Browse the repository at this point in the history
  • Loading branch information
Azurency committed Nov 30, 2023
1 parent c6f2c2d commit db59fd3
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 2 deletions.
10 changes: 10 additions & 0 deletions src/module.ts
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,16 @@ export default defineNuxtModule<ModuleOptions>({
sameSite: 'lax'
}
})
// Security settings
runtimeConfig.nuxtAuthUtils = defu(runtimeConfig.nuxtAuthUtils, {})
runtimeConfig.nuxtAuthUtils.security = defu(runtimeConfig.nuxtAuthUtils.security, {
cookie: {
secure: true,
httpOnly: true,
sameSite: 'lax',
maxAge: 60 * 15
}
})
// OAuth settings
runtimeConfig.oauth = defu(runtimeConfig.oauth, {})
// GitHub OAuth
Expand Down
5 changes: 3 additions & 2 deletions src/runtime/server/utils/security.ts
Original file line number Diff line number Diff line change
Expand Up @@ -63,16 +63,17 @@ export const checks = {
*/
async create(event: H3Event, checks?: OAuthChecks[]) {
const res: Record<string, string> = {}
const runtimeConfig = useRuntimeConfig()
if (checks?.includes('pkce')) {
const pkceVerifier = generateCodeVerifier()
const pkceChallenge = await pkceCodeChallenge(pkceVerifier)
res['code_challenge'] = pkceChallenge
res['code_challenge_method'] = 'S256'
setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, runtimeConfig.nuxtAuthUtils.security.cookie)

Check failure on line 72 in src/runtime/server/utils/security.ts

View workflow job for this annotation

GitHub Actions / test

Argument of type '{ secure: boolean; httpOnly: boolean; sameSite: string; maxAge: number; }' is not assignable to parameter of type 'CookieSerializeOptions'.
}
if (checks?.includes('state')) {
res['state'] = generateState()
setCookie(event, 'nuxt-auth-util-state', res['state'], { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
setCookie(event, 'nuxt-auth-util-state', res['state'], runtimeConfig.nuxtAuthUtils.security.cookie)

Check failure on line 76 in src/runtime/server/utils/security.ts

View workflow job for this annotation

GitHub Actions / test

Argument of type '{ secure: boolean; httpOnly: boolean; sameSite: string; maxAge: number; }' is not assignable to parameter of type 'CookieSerializeOptions'.
}
return res
},
Expand Down

0 comments on commit db59fd3

Please sign in to comment.