fix: allow auth cookies over HTTP for Caddy reverse proxy setup
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 2m12s
Run Tests / Backend Tests (push) Failing after 5m2s
Run Tests / Frontend Tests (push) Failing after 1m18s
Run Tests / Backend Tests (pull_request) Failing after 5m0s
Run Tests / Frontend Tests (pull_request) Failing after 1m1s
Run Tests / Test Summary (push) Failing after 15s
Run Tests / Test Summary (pull_request) Failing after 14s

This commit is contained in:
Gan, Jimmy
2026-04-08 11:19:12 +08:00
parent f45df093e6
commit 0420b0eb13
+3 -1
View File
@@ -17,7 +17,9 @@ oauth2_scheme = OAuth2PasswordBearer(tokenUrl="api/auth/login")
ACCESS_COOKIE_NAME = "nas_access_token" ACCESS_COOKIE_NAME = "nas_access_token"
REFRESH_COOKIE_NAME = "nas_refresh_token" REFRESH_COOKIE_NAME = "nas_refresh_token"
COOKIE_SECURE = True # Allow both HTTP and HTTPS by setting secure=False
# In production, Caddy terminates TLS and forwards to backend over HTTP
COOKIE_SECURE = False
COOKIE_SAMESITE = "lax" COOKIE_SAMESITE = "lax"
COOKIE_PATH = "/" COOKIE_PATH = "/"