Chore/Secure Cookies Env Variable (#5281)

Enhanced cookie security handling in the passport middleware to allow explicit configuration of secure cookie settings.
Henry Heng
2025-10-01 11:54:07 +01:00
committed by GitHub
parent 8c1175225f
commit a86f618186
7 changed files with 17 additions and 1 deletions
@@ -33,7 +33,16 @@ const expireAuthTokensOnRestart = process.env.EXPIRE_AUTH_TOKENS_ON_RESTART ===
const jwtAuthTokenSecret = process.env.JWT_AUTH_TOKEN_SECRET || 'auth_token'
const jwtRefreshSecret = process.env.JWT_REFRESH_TOKEN_SECRET || process.env.JWT_AUTH_TOKEN_SECRET || 'refresh_token'
const secureCookie = process.env.APP_URL?.startsWith('https') ? true : false
// Allow explicit override of cookie security settings
// This is useful when running behind a reverse proxy/load balancer that terminates SSL
const secureCookie =
process.env.SECURE_COOKIES === 'false'
? false
: process.env.SECURE_COOKIES === 'true'
? true
: process.env.APP_URL?.startsWith('https')
? true
: false
const jwtOptions = {
secretOrKey: jwtAuthTokenSecret,
audience: jwtAudience,
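Review bot: The new `SECURE_COOKIES` check matches only the exact strings `'true'` and `'false'`, so values such as `TRUE`, `True` or `1` silently fall through to the `APP_URL` test; behind a TLS-terminating proxy with an `http` `APP_URL`, the cookies then lack the Secure attribute and the operator gets no signal. Normalizing the value first and collapsing the nested ternary avoids this: `const secureCookiesEnv = process.env.SECURE_COOKIES?.trim().toLowerCase()` followed by `const secureCookie = secureCookiesEnv === 'true' || (secureCookiesEnv !== 'false' && process.env.APP_URL?.startsWith('https') === true)`. Because `SECURE_COOKIES=false` also overrides an `https` `APP_URL`, a startup warning for that combination and for unrecognized values would make the downgrade visible in logs. The code that consumes `secureCookie` is outside this hunk, so which cookies are affected cannot be confirmed from here.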