feat: Ability to toggle cookies to work in HTTP (#4194)

* feat: added new env variable * feat: made http secure cookie conditional * chore: added comments to env files * chore: changed target of hopp-old-backend service to prod
2024-07-24 21:44:39 +05:30
parent 2917d50c6a
commit df730e4d21
2 changed files with 5 additions and 2 deletions
--- a/packages/hoppscotch-backend/src/auth/helper.ts
+++ b/packages/hoppscotch-backend/src/auth/helper.ts
@@ -52,13 +52,13 @@ export const authCookieHandler = (

  res.cookie(AuthTokenType.ACCESS_TOKEN, authTokens.access_token, {
    httpOnly: true,
-    secure: true,
+    secure: configService.get('ALLOW_SECURE_COOKIES') === 'true',
    sameSite: 'lax',
    maxAge: accessTokenValidity,
  });
  res.cookie(AuthTokenType.REFRESH_TOKEN, authTokens.refresh_token, {
    httpOnly: true,
-    secure: true,
+    secure: configService.get('ALLOW_SECURE_COOKIES') === 'true',
    sameSite: 'lax',
    maxAge: refreshTokenValidity,
  });