awslabs / cognito-at-edge

Serverless authentication solution to protect your website or Amplify application
Apache License 2.0

Support SameSite cookie #50

Closed ckifer closed 1 year ago

ckifer commented 1 year ago

Issue # (if available): #47

Description of changes:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

ckifer commented 1 year ago

@borisfba @jeandek any chance this gets merged soon? Thanks :)

borisfba commented 1 year ago

Please also update the readme with a new configuration parameter

ckifer commented 1 year ago

Hey @borisfba. Thanks for the review! Made documentation fixes/additions, and made sameSite optional!

Not sure if I agree on the use of an enum here. If my solution doesn't satisfy your concern I will refactor to an enum (the difference is a nit, happy to use an enum). I want to avoid having to export the SameSite enum for use by consumers if possible. This way a user can just specify one of the union type values and be on their way without a new import.

Defined the allowed values directly below the union type and added a unit test as a mitigation.
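
An added example, not code from this pull request or from cognito-at-edge, of the approach the last comment describes: a string-literal union with its allowed values defined beside it, a runtime check for untyped callers, and the resulting `Set-Cookie` value. All names (`SAME_SITE_VALUES`, `isSameSite`, `buildSetCookie`, `CookieOptions`) are hypothetical, and the cookie name and value in any call are constructed.

```typescript
// Added example: every name here is hypothetical, not the project's API.

// Runtime list of allowed values, defined next to the type that uses it.
const SAME_SITE_VALUES = ['Strict', 'Lax', 'None'] as const;

// Union type derived from the list: callers write 'Lax' with no enum import.
type SameSite = typeof SAME_SITE_VALUES[number];

// Runtime guard: config passed from plain JavaScript or JSON is not type-checked.
function isSameSite(value: unknown): value is SameSite {
  return typeof value === 'string' &&
    (SAME_SITE_VALUES as readonly string[]).indexOf(value) !== -1;
}

interface CookieOptions {
  secure?: boolean;
  httpOnly?: boolean;
  sameSite?: unknown; // optional; typed unknown to model untyped caller input
}

// Builds one Set-Cookie header value and rejects invalid SameSite settings.
// Assumes name and value are already safe cookie tokens (no encoding is done).
function buildSetCookie(name: string, value: string, opts: CookieOptions = {}): string {
  const parts = [`${name}=${value}`, 'Path=/'];
  if (opts.secure) parts.push('Secure');
  if (opts.httpOnly) parts.push('HttpOnly');
  const sameSite = opts.sameSite;
  if (sameSite !== undefined) {
    if (!isSameSite(sameSite)) {
      throw new Error(`sameSite must be one of: ${SAME_SITE_VALUES.join(', ')}`);
    }
    // Current browsers reject SameSite=None cookies that lack Secure.
    if (sameSite === 'None' && !opts.secure) {
      throw new Error('sameSite "None" requires secure: true');
    }
    parts.push(`SameSite=${sameSite}`);
  }
  return parts.join('; ');
}
```

Leaving `sameSite` unset emits no `SameSite` attribute, so the browser's default policy applies.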