fix(cookie): 🐛 Fix SameSite cookie issues for refresh token

n8io · Nov 22, 2020 · ff6db79 · ff6db79
1 parent 2e8a64e
commit ff6db79
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/packages/service/src/types/auth/selectors.spec.js b/packages/service/src/types/auth/selectors.spec.js
@@ -17,7 +17,6 @@ import { Enumeration } from './typedef';
 const {
   ACCESS_TOKEN_EXPIRY,
   ACCESS_TOKEN_SECRET,
-  NODE_ENV,
   REFRESH_TOKEN_EXPIRY,
   REFRESH_TOKEN_SECRET,
 } = config;
@@ -255,7 +254,8 @@ describe('auth selectors', () => {
             httpOnly: true,
             maxAge: ms(REFRESH_TOKEN_EXPIRY),
             path: Route.REFRESH_TOKEN,
-            secure: NODE_ENV === 'production',
+            sameSite: 'none',
+            secure: true,
           },
         ];
 
@@ -272,9 +272,10 @@ describe('auth selectors', () => {
           '',
           {
             httpOnly: true,
-            maxAge: ms(REFRESH_TOKEN_EXPIRY),
+            maxAge: 0,
             path: Route.REFRESH_TOKEN,
-            secure: NODE_ENV === 'production',
+            sameSite: 'none',
+            secure: true,
           },
         ];