modify domain to allow all abandon auth domains, add debug version of…

… cookie response
AbandonTech · Jun 19, 2024 · 0a25c66 · 0a25c66
1 parent 7d94747
commit 0a25c66
Showing 1 changed file with 18 additions and 6 deletions.
diff --git a/src/api/abandonauth/routers/ui.py b/src/api/abandonauth/routers/ui.py
@@ -1,3 +1,5 @@
+from urllib.parse import urlparse
+
 import httpx
 from fastapi import APIRouter, HTTPException, Request
 from fastapi.responses import RedirectResponse
@@ -14,6 +16,9 @@
 BASE_URL = "http://localhost"
 
 
+COOKIE_DOMAIN_URL = "." + urlparse(settings.ABANDON_AUTH_SITE_URL).netloc
+
+
 @router.get("/", include_in_schema=False)
 async def index(request: Request, code: str | None = None) -> RedirectResponse:
     """Developer landing page for AbandonAuth UI."""
@@ -47,12 +52,19 @@ async def index(request: Request, code: str | None = None) -> RedirectResponse:
     if authenticated is False:
         return resp
 
-    resp.set_cookie(
-        key="Authorization",
-        value=token,  # pyright: ignore [reportArgumentType]
-        domain=settings.ABANDON_AUTH_SITE_URL,
-        httponly=True
-    )
+    if settings.DEBUG:
+        resp.set_cookie(
+            key="Authorization",
+            value=token,  # pyright: ignore [reportArgumentType]
+        )
+    else:
+        resp.set_cookie(
+            key="Authorization",
+            value=token,  # pyright: ignore [reportArgumentType]
+            domain=COOKIE_DOMAIN_URL,
+            httponly=True,
+            secure=True
+        )
 
     return resp