Make cookie insecure

pipe-cd · Sep 3, 2020 · 580fb34 · 580fb34
1 parent 60f2775
commit 580fb34
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/pkg/app/api/authhandler/handler.go b/pkg/app/api/authhandler/handler.go
@@ -119,11 +119,12 @@ func (h *Handler) getProject(ctx context.Context, projectID string) (*model.Proj
 
 func makeTokenCookie(value string) *http.Cookie {
 	return &http.Cookie{
-		Name:     jwt.SignedTokenKey,
-		Value:    value,
-		MaxAge:   defaultTokenCookieMaxAge,
-		Path:     rootPath,
-		Secure:   true,
+		Name:   jwt.SignedTokenKey,
+		Value:  value,
+		MaxAge: defaultTokenCookieMaxAge,
+		Path:   rootPath,
+		// TODO: Make cookie secure
+		//Secure:   true,
 		HttpOnly: true,
 		SameSite: http.SameSiteLaxMode,
 	}