search

vuejs / vuefire

🔥 Firebase bindings for Vue.js
https://vuefire.vuejs.org
MIT License
3.82k stars 323 forks source link

Session Cookie Options #1458

Closed pdawson closed 7 months ago

pdawson commented 7 months ago

What problem is this solving

When a session cookie is minted within Auth on the server, the options of that cookie are hardcoded

setCookie(event, AUTH_COOKIE_NAME, cookie, {
    maxAge: AUTH_COOKIE_MAX_AGE,
    secure: true,
    httpOnly: true,
    path: "/",
    sameSite: "lax"
});

Proposed solution

Allow us to specify options for said cookie within config for auth, e.g.

vuefire: {
    auth: {
        enabled: true,
        sessionCookie: true,
        cookieOptions: {
            sameSite: 'strict',
        },
    },
},

Describe alternatives you've considered

No response