origranot · origranot · Dec 7, 2023 · Dec 7, 2023 · Dec 7, 2023
diff --git a/apps/backend/src/auth/providers/providers.controller.ts b/apps/backend/src/auth/providers/providers.controller.ts
@@ -4,7 +4,7 @@ import { AppConfigService } from '@reduced.to/config';
 import { AuthService } from '../auth.service';
 import { ProviderType } from '@reduced.to/prisma';
 import { UsersService } from '../../core/users/users.service';
-import { setAuthCookies } from '../utils/cookies';
+import { setAuthCookies, setCookie } from '../utils/cookies';
 import { GoogleOAuthGuard } from '../guards/google-oauth.guard';
 
 @Controller({
@@ -46,7 +46,7 @@ export class ProvidersController {
     const urlPrefix = this.configService.getConfig().general.env === 'production' ? `https://${domain}` : `http://${domain}:4200`;
 
     const tokens = await this.authService.generateTokens(user);
-    res = setAuthCookies(res, domain, tokens);
+    setAuthCookies(res, domain, tokens);
     res.redirect(`${urlPrefix}/dashboard`);
   }
 }
diff --git a/apps/backend/src/auth/utils/cookies.spec.ts b/apps/backend/src/auth/utils/cookies.spec.ts
@@ -24,14 +24,14 @@ describe('setAuthCookies', () => {
       expires: expect.any(Date),
       domain,
       path: '/',
-      sameSite: 'strict',
+      sameSite: 'lax',
       httpOnly: true,
     };
     const expectedRefreshOptions = {
       expires: expect.any(Date),
       domain,
       path: '/',
-      sameSite: 'strict',
+      sameSite: 'lax',
       httpOnly: true,
     };
 

diff --git a/apps/backend/src/auth/utils/cookies.ts b/apps/backend/src/auth/utils/cookies.ts
@@ -9,29 +9,38 @@ export const REFRESH_COOKIE_NAME = 'refreshToken';
 
 export const setAuthCookies = (
   res: Response,
-  rawDomain: string,
+  domain: string,
   tokens: {
     accessToken: string;
     refreshToken: string;
   }
 ) => {
-  const domain = process.env.NODE_ENV === 'production' ? `.${rawDomain}` : rawDomain;
+  setCookie(res, domain, AUTH_COOKIE_NAME, tokens.accessToken, {
+    expires: calculateDateFromTtl(AUTH_COOKIE_EXPIRES),
+  });
+  setCookie(res, domain, REFRESH_COOKIE_NAME, tokens.refreshToken, {
+    expires: calculateDateFromTtl(REFRESH_COOKIE_EXPIRES),
+  });
+  return res;
+};
 
-  res
-    .cookie(AUTH_COOKIE_NAME, tokens.accessToken, {
-      expires: calculateDateFromTtl(AUTH_COOKIE_EXPIRES),
-      domain,
-      path: '/',
-      sameSite: 'strict',
-      httpOnly: true,
-    })
-    .cookie(REFRESH_COOKIE_NAME, tokens.refreshToken, {
-      expires: calculateDateFromTtl(REFRESH_COOKIE_EXPIRES),
-      domain,
-      path: '/',
-      sameSite: 'strict',
-      httpOnly: true,
-    });
+export const setCookie = (
+  res: Response,
+  rawDomain: string,
+  key: string,
+  value: any,
+  opts?: {
+    expires?: Date;
+  }
+) => {
+  const domain = process.env.NODE_ENV === 'production' ? `.${rawDomain}` : rawDomain;
+  res.cookie(key, value, {
+    ...(opts?.expires && { expires: opts.expires }),
+    domain,
+    path: '/',
+    sameSite: 'lax',
+    httpOnly: true,
+  });
 
   return res;
 };
diff --git a/apps/frontend/src/routes/dashboard/layout.tsx b/apps/frontend/src/routes/dashboard/layout.tsx
@@ -2,7 +2,7 @@ import { component$, Slot, useSignal, $ } from '@builder.io/qwik';
 import { Link, RequestHandler, useLocation } from '@builder.io/qwik-city';
 import { validateAccessToken } from '../../shared/auth.service';
 import { Role, useGetCurrentUser } from '../layout';
-import { LuAlertOctagon, LuLayoutDashboard, LuLineChart, LuLink, LuShield, LuSlidersHorizontal, LuUsers } from '@qwikest/icons/lucide';
+import { LuAlertOctagon, LuLineChart, LuLink, LuShield, LuSlidersHorizontal, LuUsers } from '@qwikest/icons/lucide';
 
 export const onGet: RequestHandler = async ({ cookie, redirect }) => {
   const validAccessToken = await validateAccessToken(cookie);