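--- a/src/main/java/com/iemr/common/utils/CookieUtil.java
+++ b/src/main/java/com/iemr/common/utils/CookieUtil.java
@@ -25,15 +25,39 @@ public Optional<String> getCookieValue(HttpServletRequest request, String cookie
 }
 
 public void addJwtTokenToCookie(String Jwttoken, HttpServletResponse response, HttpServletRequest request) {
-// Create a new cookie with the JWT token
-Cookie cookie = new Cookie("Jwttoken", Jwttoken);
-cookie.setHttpOnly(true); // Prevent JavaScript access for security
-cookie.setMaxAge(60 * 60 * 24); // 1 day expiration time
-cookie.setPath("/"); // Make the cookie available for the entire application
-if ("https".equalsIgnoreCase(request.getScheme())) {
-cookie.setSecure(true); // Secure flag only on HTTPS
-}
-response.addCookie(cookie); // Add the cookie to the response
+// Create a new cookie with the JWT token
+Cookie cookie = new Cookie("Jwttoken", Jwttoken);
+
+// Make the cookie HttpOnly to prevent JavaScript access for security
+cookie.setHttpOnly(true);
+
+// Set the Max-Age (expiry time) in seconds (1 day)
+cookie.setMaxAge(60 * 60 * 24); // 1 day expiration
+
+// Set the path to "/" so the cookie is available across the entire application
+cookie.setPath("/");
+
+// Set the SameSite attribute for cross-site request handling (if needed)
+String sameSite = "None"; // Allow cross-site cookies (can be 'Strict', 'Lax', or 'None')
+cookie.setSecure(true);
+// Add the cookie to the response
+response.addCookie(cookie);
+
+// Build the Set-Cookie header manually (to add SameSite attribute support)
+StringBuilder cookieHeader = new StringBuilder();
+cookieHeader.append(cookie.getName()).append("=").append(cookie.getValue())
+.append("; Path=").append(cookie.getPath())
+.append("; Max-Age=").append(cookie.getMaxAge())
+.append("; HttpOnly");
+
+// Add SameSite and Secure attributes manually if needed
+cookieHeader.append("; SameSite=").append(sameSite);
+if (cookie.getSecure()) {
+cookieHeader.append("; Secure");
+}
+
+// Set the custom Set-Cookie header
+response.addHeader("Set-Cookie", cookieHeader.toString());
 }
 
 public String getJwtTokenFromCookie(HttpServletRequest request) {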
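Review bot: The new body of `addJwtTokenToCookie` emits the cookie twice: `response.addCookie(cookie);` writes a Set-Cookie header with no SameSite attribute, and `response.addHeader("Set-Cookie", cookieHeader.toString());` then adds a second header for the same name, so which attributes apply depends on how the client resolves the duplicate. Drop the `response.addCookie(cookie);` call and keep only the hand-built header. `String sameSite = "None";` also hard-codes the most permissive value, so the browser attaches the JWT to cross-site requests and CSRF protection has to come entirely from other layers; unless a cross-origin front end requires it, `"Lax"` or `"Strict"` is the safer default, preferably read from configuration. With `cookie.setSecure(true);` now unconditional, the `request` parameter is unused and plain-HTTP deployments will no longer get the cookie back, which deserves a comment such as `// Secure is mandatory with SameSite=None; the cookie is not sent over plain HTTP`.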