frankcollins3
commented
11 months ago π
export const JWTsecretKeyMaker = () => { return crypto.randomBytes(64).toString('hex') }
const token = jwt.sign({ id: user.id }, SECRET_KEY);
π
// no http only key. acknowledging potential security implications and this being a regular next app giving it a pass
document.cookie = token=${loggedInUser.token}; max-age=${7 * 24 * 60 * 60}; path=/;;
ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«ππ«
attempting to do: set cookies for user when they log in. serverside. Just found out about Doing the same in clientside
error: res is not defined in setCookie() function which is a serverside execution.
proposed approach: 0: this is already an attempt to use client setting of cookie to accomplish same end goal but without having res object available document.cookie =
token=${loggedInUser.token}; httpOnly; max-age=${7 * 24 * 60 * 60}; path=/;;