feat: added cookie settings for the security util

Atinux · Nov 30, 2023 · ff45896 · ff45896
1 parent c6f2c2d
commit ff45896
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 2 deletions.
diff --git a/src/module.ts b/src/module.ts
@@ -70,6 +70,16 @@ export default defineNuxtModule<ModuleOptions>({
         sameSite: 'lax'
       }
     })
+    // Security settings
+    runtimeConfig.nuxtAuthUtils = defu(runtimeConfig.nuxtAuthUtils, {})
+    runtimeConfig.nuxtAuthUtils.security = defu(runtimeConfig.nuxtAuthUtils.security, {
+      cookie: {
+        secure: true, 
+        httpOnly: true, 
+        sameSite: 'lax',
+        maxAge: 60 * 15
+      }
+    })
     // OAuth settings
     runtimeConfig.oauth = defu(runtimeConfig.oauth, {})
     // GitHub OAuth

diff --git a/src/runtime/server/utils/security.ts b/src/runtime/server/utils/security.ts
@@ -63,16 +63,17 @@ export const checks = {
    */
   async create(event: H3Event, checks?: OAuthChecks[]) {
     const res: Record<string, string> = {}
+    const runtimeConfig = useRuntimeConfig()
     if (checks?.includes('pkce')) {
       const pkceVerifier = generateCodeVerifier()
       const pkceChallenge = await pkceCodeChallenge(pkceVerifier)
       res['code_challenge'] = pkceChallenge
       res['code_challenge_method'] = 'S256'
-      setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+      setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { ...runtimeConfig.nuxtAuthUtils.security.cookie })
     }
     if (checks?.includes('state')) {
       res['state'] = generateState()
-      setCookie(event, 'nuxt-auth-util-state', res['state'], { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+      setCookie(event, 'nuxt-auth-util-state', res['state'], { ...runtimeConfig.nuxtAuthUtils.security.cookie })
     }
     return res
   },