Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(adapter-nextjs): secure: false is not set for localhost on sign-in #14231

Merged
merged 1 commit into from
Feb 21, 2025
Merged

fix(adapter-nextjs): secure: false is not set for localhost on sign-in #14231

merged 1 commit into from
Feb 21, 2025

Conversation

HuiSF
Copy link
Member

@HuiSF HuiSF commented Feb 20, 2025

Description of changes

  • Move the secure cookie attribute value calculation into the functions that actually generate the cookie attributes to prevent misses

Issue #, if available

Description of how you validated changes

  • local testing with a Next.js sample app running on localhost
  • e2e test

Checklist

  • PR description included
  • yarn test passes
  • Unit Tests are changed or added
  • Relevant documentation is changed or added (and PR referenced)

Checklist for repo maintainers

  • Verify E2E tests for existing workflows are working as expected or add E2E tests for newly added workflows
  • New source file paths included in this PR have been added to CODEOWNERS, if appropriate

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

ashika112
ashika112 reviewed Feb 20, 2025
View reviewed changes
packages/adapter-nextjs/src/auth/utils/authFlowProofCookies.ts
) => ({
domain: setCookieOptions?.domain,
path: '/',
httpOnly: true,
secure: overrides?.secure ?? true,
secure: isSSLOrigin(origin),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

curious: why were these overrides to begin with?

@HuiSF HuiSF merged commit 677f466 into main Feb 21, 2025
31 checks passed
@HuiSF HuiSF deleted the hui/fix/adapter-nextjs/cookie-secure branch February 21, 2025 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ashika112 ashika112 ashika112 approved these changes

@jjarvisp jjarvisp jjarvisp approved these changes

@cshfang cshfang Awaiting requested review from cshfang cshfang is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HuiSF @ashika112 @jjarvisp