nyk commited on
Commit
0f4105b
·
unverified ·
1 Parent(s): dcb25c3

fix(auth): allow login on fresh HTTP Docker installs (#304)


* fix(auth): allow login cookies on HTTP docker deployments

* test(types): avoid readonly process.env writes in session-cookie tests

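--- a/src/lib/__tests__/session-cookie.test.ts
+++ b/src/lib/__tests__/session-cookie.test.ts
@@ -0,0 +1,40 @@
+import { afterEach, describe, expect, it } from 'vitest'
+import { getMcSessionCookieOptions } from '../session-cookie'
+
+describe('getMcSessionCookieOptions', () => {
+const env = process.env as Record<string, string | undefined>
+const originalNodeEnv = env.NODE_ENV
+const originalCookieSecure = env.MC_COOKIE_SECURE
+
+afterEach(() => {
+if (originalNodeEnv === undefined) delete env.NODE_ENV
+else env.NODE_ENV = originalNodeEnv
+
+if (originalCookieSecure === undefined) delete env.MC_COOKIE_SECURE
+else env.MC_COOKIE_SECURE = originalCookieSecure
+})
+
+it('does not force secure cookies on plain HTTP in production when MC_COOKIE_SECURE is unset', () => {
+env.NODE_ENV = 'production'
+delete env.MC_COOKIE_SECURE
+
+const options = getMcSessionCookieOptions({ maxAgeSeconds: 60, isSecureRequest: false })
+expect(options.secure).toBe(false)
+})
+
+it('sets secure cookies for HTTPS requests when MC_COOKIE_SECURE is unset', () => {
+env.NODE_ENV = 'production'
+delete env.MC_COOKIE_SECURE
+
+const options = getMcSessionCookieOptions({ maxAgeSeconds: 60, isSecureRequest: true })
+expect(options.secure).toBe(true)
+})
+
+it('respects MC_COOKIE_SECURE override', () => {
+env.NODE_ENV = 'production'
+env.MC_COOKIE_SECURE = '1'
+
+const options = getMcSessionCookieOptions({ maxAgeSeconds: 60, isSecureRequest: false })
+expect(options.secure).toBe(true)
+})
+})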
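Review bot: None of the three cases calls `getMcSessionCookieOptions` without `isSecureRequest`, which is the only path the one-line change in `src/lib/session-cookie.ts` alters. With `isSecureRequest: false` the `??` chain already stopped at `false` before this commit, so the first test would also pass against the old code and does not guard the fix. Add a case with `NODE_ENV = 'production'` and `MC_COOKIE_SECURE` unset, such as `expect(getMcSessionCookieOptions({ maxAgeSeconds: 60 }).secure).toBe(false)`, so the new default is pinned and any later change to it is a visible decision. A case where the override turns `secure` off for an HTTPS request would round this out, though which values `envFlag` treats as false is not shown here.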
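--- a/src/lib/session-cookie.ts
+++ b/src/lib/session-cookie.ts
@@ -35,7 +35,7 @@ function envFlag(name: string): boolean | undefined {
 
 export function getMcSessionCookieOptions(input: { maxAgeSeconds: number; isSecureRequest?: boolean }): Partial<ResponseCookie> {
 const secureEnv = envFlag('MC_COOKIE_SECURE')
-const secure = secureEnv ?? input.isSecureRequest ?? process.env.NODE_ENV === 'production'
+const secure = secureEnv ?? input.isSecureRequest ?? false
 
 return {
 httpOnly: true,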
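Review bot: The new `?? false` fallback on the `const secure` line fails open: a caller that omits `isSecureRequest` now gets a session cookie without `Secure` even in production, where the old fallback set it. On an HTTPS deployment the browser may then send that cookie over plain HTTP as well. If every call site is meant to pass the flag, make it required, `input: { maxAgeSeconds: number; isSecureRequest: boolean }`, so an omission is a compile error rather than a silent downgrade. How `isSecureRequest` is derived is not visible here; if it can be wrong behind a TLS-terminating proxy, add a comment above this line saying such deployments should set `MC_COOKIE_SECURE=1`. The function body continues past the end of the hunk.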