Update src/index.js
- src/index.js +9 -3
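--- a/src/index.js
+++ b/src/index.js
@@ -38,12 +38,18 @@ app.use(
 maxAge: 30 * 24 * 60 * 60 * 1000,
 keys: [process.env.COOKIE_KEY],
 
+sameSite: process.env.NODE_ENV === 'production' ? 'none' : 'lax',
+
+// Secure MUST be true if sameSite is 'none'
+secure: process.env.NODE_ENV === 'production',
+
+// Allow proxy trust (HuggingFace uses a proxy)
 httpOnly: true,
-secure: process.env.NODE_ENV === 'production',
-sameSite: 'lax',
 })
 );
 
+// Trust the HuggingFace/Cloudflare proxy so 'secure' cookies work
+app.set('trust proxy', 1);
 
 app.use((req, res, next) => {
 if (req.session && !req.session.regenerate) {
@@ -78,4 +84,4 @@ initSocket(httpServer); // Initialize Socket
 const PORT = process.env.PORT || 3000;
 httpServer.listen(PORT, () => { // Listen on httpServer, NOT app
 console.log(`🚀 Server + Socket running on port ${PORT}`);
-});
+});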
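Review bot: In the cookie options, `sameSite` becomes `'none'` in production, which makes the browser attach the session cookie to cross-site requests, and nothing in this section shows a CSRF token or Origin check on state-changing routes to compensate. If the app is not actually embedded or called cross-site, keeping `sameSite: 'lax'` is the safer setting; if it is, record the reason next to the option, e.g. `// SameSite=None needed for cross-site embedding; state-changing routes must verify a CSRF token or Origin`. The comment `// Allow proxy trust (HuggingFace uses a proxy)` sits above `httpOnly: true` and describes neither that option nor anything near it; it belongs with `app.set('trust proxy', 1)`. That `1` trusts exactly one hop, so confirm it matches the number of proxies actually in front of the app, since the comment names both HuggingFace and Cloudflare. The `app.use(` call these options belong to starts above the hunk.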