Local dev was limited to port 8000, but we already have a config option available for the abandon auth.
I have also adjusted the cookie policy for the shared domain. We no longer need to specify the domain in the cookie since the cookie provider is also on the client domain in production. This should also allow us to use http only in our cookie options, but I haven't tested this yet, so there is only one way to find out >:)
Local dev was limited to port 8000, but we already have a config option available for the abandon auth.
I have also adjusted the cookie policy for the shared domain. We no longer need to specify the domain in the cookie since the cookie provider is also on the client domain in production. This should also allow us to use http only in our cookie options, but I haven't tested this yet, so there is only one way to find out >:)
closes #135