Add basic token split

2019-10-05 21:22:56 -04:00 · 2019-10-05 21:22:56 -04:00 · 1a2cb93540
commit 1a2cb93540
parent 8a897dc16f
2 changed files with 7 additions and 3 deletions
--- a/main.go
+++ b/main.go
@ -55,7 +55,11 @@ func Routes() *chi.Mux {
 	// enable cors testing
 	// LOCK THIS DOWN FOR PRODUCTION
 	cors := cors.New(cors.Options{
-		AllowedOrigins: []string{"*"},
+		AllowedOrigins:   []string{"*"},
+		AllowedMethods:   []string{"GET", "POST"},
+		ExposedHeaders:   []string{"Link"},
+		AllowCredentials: true,
+		MaxAge:           360,
 	})

 	router.Use(
--- a/packages/auth/auth.go
+++ b/packages/auth/auth.go
@ -171,9 +171,9 @@ func refresh(w http.ResponseWriter, r *http.Request) {

 func setCookies(w http.ResponseWriter, jwt string, expiration time.Time) string {
 	splitToken := strings.Split(jwt, ".")
-	dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/"}
+	dataCookie := http.Cookie{Name: "DataCookie", Value: strings.Join(splitToken[:2], "."), Expires: expiration, HttpOnly: false, Path: "/", Domain: "sudosci.test", MaxAge: 360, Secure: false}
 	http.SetCookie(w, &dataCookie)
-	signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/"}
+	signatureCookie := http.Cookie{Name: "SignatureCookie", Value: splitToken[2], Expires: expiration, HttpOnly: true, Path: "/", Domain: "sudosci.test", MaxAge: 360, Secure: false}
 	http.SetCookie(w, &signatureCookie)
 	return strings.Join(splitToken[:2], ".")
 }