fix: remove domain setting from session cookie and enhance logging for authentication

ethanf 2025-08-14 15:58:28 -05:00
parent b383e1c712
commit 08981200eb


@ -63,8 +63,7 @@ app.use(session({
secure: process.env.NODE_ENV === 'production', secure: process.env.NODE_ENV === 'production',
maxAge: 24 * 60 * 60 * 1000, // 24 hours maxAge: 24 * 60 * 60 * 1000, // 24 hours
httpOnly: true, httpOnly: true,
sameSite: process.env.NODE_ENV === 'production' ? 'lax' : 'lax', sameSite: process.env.NODE_ENV === 'production' ? 'lax' : 'lax'
domain: process.env.NODE_ENV === 'production' ? new URL(PRODUCTION_DOMAIN).hostname : undefined
}, },
name: 's22poll.sid' name: 's22poll.sid'
})); }));
@ -115,6 +114,9 @@ app.get('/auth/steam/return',
console.log('User authenticated:', req.user); console.log('User authenticated:', req.user);
console.log('Session ID:', req.sessionID); console.log('Session ID:', req.sessionID);
console.log('Session:', req.session); console.log('Session:', req.session);
console.log('Request host:', req.get('host'));
console.log('Request headers:', req.headers);
console.log('Response will set cookie for domain:', req.get('host'));
// In production, redirect to root since frontend and backend are on same domain // In production, redirect to root since frontend and backend are on same domain
const redirectUrl = process.env.NODE_ENV === 'production' ? '/' : FRONTEND_URL; const redirectUrl = process.env.NODE_ENV === 'production' ? '/' : FRONTEND_URL;
console.log('Redirecting to:', redirectUrl); console.log('Redirecting to:', redirectUrl);
@ -136,6 +138,8 @@ app.get('/auth/user', (req, res) => {
console.log('Auth check - Is authenticated:', req.isAuthenticated()); console.log('Auth check - Is authenticated:', req.isAuthenticated());
console.log('Auth check - User:', req.user); console.log('Auth check - User:', req.user);
console.log('Auth check - Session:', req.session); console.log('Auth check - Session:', req.session);
console.log('Auth check - Request host:', req.get('host'));
console.log('Auth check - Cookies:', req.headers.cookie);
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
res.json({ user: req.user }); res.json({ user: req.user });
} else { } else {
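Review bot: The added `console.log('Request headers:', req.headers)` in the `/auth/steam/return` handler and `console.log('Auth check - Cookies:', req.headers.cookie)` in `/auth/user` write the raw `Cookie` header, and with it the `s22poll.sid` session cookie, to the application log, so anyone who can read the logs holds a value that is accepted as that user's session until it expires (maxAge here is 24 hours). For debugging the cookie-domain problem it is enough to record presence rather than value, e.g. `console.log('Auth check - has session cookie:', Boolean(req.headers.cookie));`, and to log `req.get('host')` alone instead of the whole header object; if a full dump is really needed, gate it with `if (process.env.NODE_ENV !== 'production')`. The 'Response will set cookie for domain:' line prints the client-supplied Host header, not the domain the cookie is actually set for, so it can mislead during diagnosis. Both handlers start and end outside the visible hunks.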