From 0ce261d9bd9f96501bdf1eb416856ff126dabd9c Mon Sep 17 00:00:00 2001
From: Asara
Date: Sat, 5 Oct 2019 21:43:02 -0400
Subject: [PATCH] Set fake domain for temp
---
 main.go | 6 +++---
 packages/auth/auth.go | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/main.go b/main.go
index 4b048bb..47035df 100644
--- a/main.go
+++ b/main.go
@@ -55,9 +55,9 @@ func Routes() *chi.Mux {
 // enable cors testing
 // LOCK THIS DOWN FOR PRODUCTION
 cors := cors.New(cors.Options{
- AllowedOrigins: []string{"*"},
- AllowedMethods: []string{"GET", "POST"},
- ExposedHeaders: []string{"Link"},
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"},
+ AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"},
 AllowCredentials: true,
 MaxAge: 360,
 })
diff --git a/packages/auth/auth.go b/packages/auth/auth.go
index 5b0a15b..e5abb11 100644
--- a/packages/auth/auth.go
+++ b/packages/auth/auth.go
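Review bot: In the main.go hunk, the new `cors.Options` still pairs `AllowedOrigins: []string{"*"}` with `AllowCredentials: true`, and now also admits the state-changing methods `PUT`, `DELETE` and `PATCH` plus the `Authorization` header. Depending on which cors package and version is imported (not visible here), a wildcard with credentials is either echoed back as the caller's origin, which would let any site issue credentialed requests against cookie-authenticated routes, or emitted as a literal `*` that browsers refuse for credentialed requests. The `LOCK THIS DOWN FOR PRODUCTION` comment is the only safeguard; I would take the list from configuration, e.g. `AllowedOrigins: allowedOrigins,` holding the explicit frontend origin(s), and refuse to start when it is empty or `*` while credentials are enabled. The hunk also drops `ExposedHeaders: []string{"Link"}`, which should stay next to the new `AllowedHeaders` if any client reads `Link` cross-origin; `Routes` begins and ends outside this hunk.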
@@ -171,9 +171,9 @@ func refresh(w http.ResponseWriter, r *http.Request) {
 func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string {
 splitToken := strings.Split(jwt, ".")
- dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/", Domain: "sudosci.test", MaxAge: 360, Secure: false}
+ dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/", Domain: ".sudosci.test", MaxAge: 360, Secure: false}
 http.SetCookie(w, &dataCookie)
- signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/", Domain: ".sudosci.test", MaxAge: 360, Secure: false}
+ signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/", Domain: ".sudosci.test", MaxAge: 360, Secure: false}
 http.SetCookie(w, &signatureCookie)
 return strings.Join(splitToken[:2], ".")
 }
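Review bot: In `setCookies` (packages/auth/auth.go), both cookie literals are still built with `Secure: false` and no `SameSite` field, so the two halves of the JWT can travel over plain HTTP and, depending on browser defaults, be attached to cross-site requests for the whole `sudosci.test` domain. I would read the domain and the secure flag from configuration and add `SameSite: http.SameSiteLaxMode` to both literals, with `Secure: true` everywhere except local testing. Note that net/http drops a leading dot from `Domain` when it serialises the cookie, so the `.sudosci.test` spelling probably yields the same Set-Cookie header as before. Separately, `splitToken[2]` panics when `jwt` has fewer than three segments; a `len(splitToken) != 3` check before the first literal would make that failure explicit.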