chore: cookie secure by default with env var to disable secure cookie
Some checks failed
Release Workflow / determine-release-type (push) Has been cancelled
Release Workflow / checks (push) Has been cancelled
Release Workflow / e2e-tests (push) Has been cancelled
Release Workflow / build-images (push) Has been cancelled
Release Workflow / publish-release (push) Has been cancelled

This commit is contained in:
Nicolas Meienberger 2026-01-28 00:52:32 +01:00
parent 8f8b370679
commit a3ea8384d1
3 changed files with 5 additions and 2 deletions

View file

@ -1,2 +1,3 @@
DATABASE_URL=:memory:
APP_SECRET=8b9acd4456dd5db0a4a3c4f4e1240b2c3ae08bb59690167197425e4a25dd9a69
DISABLE_SECURE_COOKIES=true

View file

@ -22,10 +22,10 @@ export type AuthMiddlewareContext = MiddlewareContext<MiddlewareOptions, AuthCon
const createBetterAuth = (secret: string) =>
betterAuth({
secret,
trustedOrigins: config.trustedOrigins ?? ["*"],
trustedOrigins: config.trustedOrigins,
advanced: {
cookiePrefix: "zerobyte",
useSecureCookies: false,
useSecureCookies: !config.disableSecureCookies,
},
onAPIError: {
throw: true,

View file

@ -34,6 +34,7 @@ const envSchema = type({
APP_VERSION: "string = 'dev'",
TRUSTED_ORIGINS: "string?",
DISABLE_RATE_LIMITING: 'string = "false"',
DISABLE_SECURE_COOKIES: 'string = "false"',
APP_SECRET: "32 <= string <= 256",
}).pipe((s) => ({
__prod__: s.NODE_ENV === "production",
@ -46,6 +47,7 @@ const envSchema = type({
appVersion: s.APP_VERSION,
trustedOrigins: s.TRUSTED_ORIGINS?.split(",").map((origin) => origin.trim()),
disableRateLimiting: s.DISABLE_RATE_LIMITING === "true",
disableSecureCookies: s.DISABLE_SECURE_COOKIES === "true",
appSecret: s.APP_SECRET,
}));