Mike/freno-dev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security hardening

Browse Source
This commit is contained in:
Michael Freno
2025-12-28 20:04:29 -05:00
parent aefd467660
commit 1ba20339a8
22 changed files with 5177 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/routes/api/auth/signout.ts
View File

@@ -9,7 +9,7 @@ export async function POST() {
setCookie(event, "userIDToken", "", {
path: "/",
httpOnly: true,
secure: process.env.NODE_ENV === "production",
secure: true, // Always enforce secure cookies
sameSite: "lax",
maxAge: 0, // Expire immediately
expires: new Date(0) // Set expiry to past date