Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-12 15:53:02 +10:00
Code Issues Packages Projects Releases Wiki Activity

fix: secure passkey cookies (#1533)

Browse Source
This commit is contained in:
David Nguyen
2024-12-12 01:16:29 +09:00
committed by GitHub
parent 76028771b8
commit 161d40cde7
3 changed files with 16 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
packages/trpc/server/auth-router/router.ts
View File

@ -4,6 +4,7 @@ import { parse } from 'cookie-es';
import { env } from 'next-runtime-env';
import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
import { formatSecureCookieName } from '@documenso/lib/constants/auth';
import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
import { jobsClient } from '@documenso/lib/jobs/client';
import { ErrorCode } from '@documenso/lib/next-auth/error-codes';
@ -111,7 +112,8 @@ export const authRouter = router({
const cookies = parse(ctx.req.headers.cookie ?? '');
const sessionIdToken =
cookies['__Host-next-auth.csrf-token'] || cookies['next-auth.csrf-token'];
cookies[formatSecureCookieName('__Host-next-auth.csrf-token')] ||
cookies[formatSecureCookieName('next-auth.csrf-token')];
if (!sessionIdToken) {
throw new Error('Missing CSRF token');