pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-02-26 14:56:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2535 from Abhinav-kodes/fix-resource-session-delete-cookie

Browse Source 
fix: correct session DELETE tautology and HTTP cookie domain interpolation
This commit is contained in:
Owen Schwartz
2026-02-25 10:35:09 -08:00
committed by GitHub
parent 8ea6d9fa67 c64dd14b1a
commit 0ea38ea568
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/auth/sessions/resource.ts
View File

@@ -87,7 +87,7 @@ export async function validateResourceSessionToken(
if (Date.now() >= resourceSession.expiresAt) { if (Date.now() >= resourceSession.expiresAt) {
await db await db
.delete(resourceSessions) .delete(resourceSessions)
.where(eq(resourceSessions.sessionId, resourceSessions.sessionId)); .where(eq(resourceSessions.sessionId, sessionId));
return { resourceSession: null }; return { resourceSession: null };
} else if ( } else if (
Date.now() >= Date.now() >=
@@ -181,7 +181,7 @@ export function serializeResourceSessionCookie(
return `${cookieName}_s.${now}=${token}; HttpOnly; SameSite=Lax; Expires=${expiresAt.toUTCString()}; Path=/; Secure; Domain=${domain}`; return `${cookieName}_s.${now}=${token}; HttpOnly; SameSite=Lax; Expires=${expiresAt.toUTCString()}; Path=/; Secure; Domain=${domain}`;
} else { } else {
if (expiresAt === undefined) { if (expiresAt === undefined) {
return `${cookieName}.${now}=${token}; HttpOnly; SameSite=Lax; Path=/; Domain=$domain}`; return `${cookieName}.${now}=${token}; HttpOnly; SameSite=Lax; Path=/; Domain=${domain}`;
} }
return `${cookieName}.${now}=${token}; HttpOnly; SameSite=Lax; Expires=${expiresAt.toUTCString()}; Path=/; Domain=${domain}`; return `${cookieName}.${now}=${token}; HttpOnly; SameSite=Lax; Expires=${expiresAt.toUTCString()}; Path=/; Domain=${domain}`;
} }