/**
 * Builds the default next-auth cookie definitions (cookie name plus
 * attributes) for the session token, callback URL, CSRF token, PKCE code
 * verifier, state and nonce cookies.
 *
 * Every cookie is `HttpOnly`, `SameSite=Lax` and scoped to `Path=/`. The
 * `Secure` attribute and the `__Secure-` / `__Host-` name prefixes are applied
 * only when `useSecureCookies` is true; with it false, no cookie is restricted
 * to HTTPS.
 *
 * @param useSecureCookies - Whether to set `Secure` and the prefixed names.
 * @returns A fresh, readonly-typed map of cookie definitions on every call.
 */
export const createCookiesWithDefaultOptions = (useSecureCookies: boolean) => {
  const securePrefix = useSecureCookies ? '__Secure-' : '';
  // `__Host-` is stricter than `__Secure-`: browsers accept such a cookie only
  // with `Secure`, `Path=/` and no `Domain` attribute.
  const hostPrefix = useSecureCookies ? '__Host-' : '';
  const fifteenMinutesInSeconds = 60 * 15;

  // Attributes shared by every cookie below. Each entry spreads its own copy,
  // so no two cookies share an options object.
  const baseOptions = {
    httpOnly: true,
    sameSite: 'lax',
    path: '/',
    secure: useSecureCookies,
  } as const;

  return {
    sessionToken: {
      // Deliberately left without the `__Secure-` prefix because the cookie is
      // read by this fixed name elsewhere in the code. Without the prefix the
      // browser does not enforce, by name, that the cookie was set with
      // `Secure`; only the `secure` attribute itself applies.
      name: 'next-auth.session-token',
      options: { ...baseOptions },
    },
    callbackUrl: {
      name: `${securePrefix}next-auth.callback-url`,
      options: { ...baseOptions },
    },
    csrfToken: {
      // The shared options already meet the `__Host-` requirements (`Path=/`,
      // no `Domain`). Adding a `domain` option here would make browsers reject
      // the prefixed cookie.
      name: `${hostPrefix}next-auth.csrf-token`,
      options: { ...baseOptions },
    },
    pkceCodeVerifier: {
      name: `${securePrefix}next-auth.pkce.code_verifier`,
      options: { ...baseOptions, maxAge: fifteenMinutesInSeconds },
    },
    state: {
      name: `${securePrefix}next-auth.state`,
      options: { ...baseOptions, maxAge: fifteenMinutesInSeconds },
    },
    nonce: {
      // NOTE(review): unlike `state` and `pkceCodeVerifier`, no `maxAge` is set
      // here, so the nonce lives as long as the browser session. Confirm this
      // is intentional.
      name: `${securePrefix}next-auth.nonce`,
      options: { ...baseOptions },
    },
  } as const;
};