fix: remove domain setting from session cookie and enhance logging for authentication
This commit is contained in:
ethanf
parent
b383e1c712
commit
08981200eb
@ -63,8 +63,7 @@ app.use(session({
|
||||
secure: process.env.NODE_ENV === 'production',
|
||||
maxAge: 24 * 60 * 60 * 1000, // 24 hours
|
||||
httpOnly: true,
|
||||
sameSite: process.env.NODE_ENV === 'production' ? 'lax' : 'lax',
|
||||
domain: process.env.NODE_ENV === 'production' ? new URL(PRODUCTION_DOMAIN).hostname : undefined
|
||||
sameSite: process.env.NODE_ENV === 'production' ? 'lax' : 'lax'
|
||||
},
|
||||
name: 's22poll.sid'
|
||||
}));
|
||||
@ -115,6 +114,9 @@ app.get('/auth/steam/return',
|
||||
console.log('User authenticated:', req.user);
|
||||
console.log('Session ID:', req.sessionID);
|
||||
console.log('Session:', req.session);
|
||||
console.log('Request host:', req.get('host'));
|
||||
console.log('Request headers:', req.headers);
|
||||
console.log('Response will set cookie for domain:', req.get('host'));
|
||||
// In production, redirect to root since frontend and backend are on same domain
|
||||
const redirectUrl = process.env.NODE_ENV === 'production' ? '/' : FRONTEND_URL;
|
||||
console.log('Redirecting to:', redirectUrl);
|
||||
@ -136,6 +138,8 @@ app.get('/auth/user', (req, res) => {
|
||||
console.log('Auth check - Is authenticated:', req.isAuthenticated());
|
||||
console.log('Auth check - User:', req.user);
|
||||
console.log('Auth check - Session:', req.session);
|
||||
console.log('Auth check - Request host:', req.get('host'));
|
||||
console.log('Auth check - Cookies:', req.headers.cookie);
|
||||
if (req.isAuthenticated()) {
|
||||
res.json({ user: req.user });
|
||||
} else {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user