server: Make the JWT cookies valid for /

This will be used to secure the password change API.
This commit is contained in:
Valentin Tolmer 2021-11-21 18:08:56 +01:00 committed by nitnelave
parent e1503743b5
commit 7b5ad47ee2

View File

@ -101,7 +101,7 @@ where
.cookie( .cookie(
Cookie::build("token", token.as_str()) Cookie::build("token", token.as_str())
.max_age(1.days()) .max_age(1.days())
.path("/api") .path("/")
.http_only(true) .http_only(true)
.same_site(SameSite::Strict) .same_site(SameSite::Strict)
.finish(), .finish(),
@ -148,7 +148,7 @@ where
.cookie( .cookie(
Cookie::build("token", "") Cookie::build("token", "")
.max_age(0.days()) .max_age(0.days())
.path("/api") .path("/")
.http_only(true) .http_only(true)
.same_site(SameSite::Strict) .same_site(SameSite::Strict)
.finish(), .finish(),
@ -203,7 +203,7 @@ where
.cookie( .cookie(
Cookie::build("token", token.as_str()) Cookie::build("token", token.as_str())
.max_age(1.days()) .max_age(1.days())
.path("/api") .path("/")
.http_only(true) .http_only(true)
.same_site(SameSite::Strict) .same_site(SameSite::Strict)
.finish(), .finish(),