From ff45896c3796594b011969712ab3504f5f91c2bd Mon Sep 17 00:00:00 2001
From: Lassier Antoine
Date: Thu, 30 Nov 2023 22:54:14 +0100
Subject: [PATCH] feat: added cookie settings for the security util
---
 src/module.ts | 10 ++++++++++
 src/runtime/server/utils/security.ts | 5 +++--
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/module.ts b/src/module.ts
index 7b08149..5bcbafe 100644
--- a/src/module.ts
+++ b/src/module.ts
@@ -70,6 +70,16 @@ export default defineNuxtModule({
 sameSite: 'lax'
 }
 })
+ // Security settings
+ runtimeConfig.nuxtAuthUtils = defu(runtimeConfig.nuxtAuthUtils, {})
+ runtimeConfig.nuxtAuthUtils.security = defu(runtimeConfig.nuxtAuthUtils.security, {
+ cookie: {
+ secure: true,
+ httpOnly: true,
+ sameSite: 'lax',
+ maxAge: 60 * 15
+ }
+ })
 // OAuth settings
 runtimeConfig.oauth = defu(runtimeConfig.oauth, {})
 // GitHub OAuth
diff --git a/src/runtime/server/utils/security.ts b/src/runtime/server/utils/security.ts
index e5742b0..b6525c2 100644
--- a/src/runtime/server/utils/security.ts
+++ b/src/runtime/server/utils/security.ts
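Review bot: In src/module.ts the new `// Security settings` comment does not say which cookies the block governs or what unit `maxAge` uses, which matters now that these values are operator-tunable. Judging by the security.ts hunk in this patch they apply to the `nuxt-auth-util-state` and `nuxt-auth-util-verifier` cookies, so I would replace the comment with `// Cookie attributes for the short-lived OAuth state and PKCE verifier cookies (maxAge in seconds, default 15 minutes)` and add `// Keep secure and httpOnly enabled outside local development`. The enclosing setup code starts and ends outside the hunk.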
@@ -63,16 +63,17 @@ export const checks = {
 */
 async create(event: H3Event, checks?: OAuthChecks[]) {
 const res: Record = {}
+ const runtimeConfig = useRuntimeConfig()
 if (checks?.includes('pkce')) {
 const pkceVerifier = generateCodeVerifier()
 const pkceChallenge = await pkceCodeChallenge(pkceVerifier)
 res['code_challenge'] = pkceChallenge
 res['code_challenge_method'] = 'S256'
- setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+ setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { ...runtimeConfig.nuxtAuthUtils.security.cookie })
 }
 if (checks?.includes('state')) {
 res['state'] = generateState()
- setCookie(event, 'nuxt-auth-util-state', res['state'], { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+ setCookie(event, 'nuxt-auth-util-state', res['state'], { ...runtimeConfig.nuxtAuthUtils.security.cookie })
 }
 return res
 },
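Review bot: The two `setCookie` calls in `create` now take every attribute from `runtimeConfig.nuxtAuthUtils.security.cookie`, so `httpOnly` on the state and PKCE verifier cookies is no longer guaranteed, and a deployment that overrides it makes the verifier readable by page script. Nothing visible here needs client-side access to these cookies, so I would pin the flag after the spread in both calls: `{ ...runtimeConfig.nuxtAuthUtils.security.cookie, httpOnly: true }`. It would also help to document that `sameSite: 'strict'` is likely to drop the cookies on the provider's redirect back and make the checks fail, and that `secure: false` is meant for plain-HTTP local development only. The `checks` object that contains `create` starts outside the hunk.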