From 4ee20396e81664f46eb1bef7e1eb7a557d69727d Mon Sep 17 00:00:00 2001 From: Yisroel Baum Date: Thu, 2 Jul 2026 01:17:13 +0300 Subject: [PATCH] configure auth cookies --- backend/app/Auth/AuthCookieSettings.php | 28 +++++++++++++ backend/app/Controllers/AuthController.php | 14 ++++--- backend/app/Providers/AppServiceProvider.php | 41 ++++++++++++++++++++ 3 files changed, 77 insertions(+), 6 deletions(-) create mode 100644 backend/app/Auth/AuthCookieSettings.php diff --git a/backend/app/Auth/AuthCookieSettings.php b/backend/app/Auth/AuthCookieSettings.php new file mode 100644 index 0000000..a68a1c9 --- /dev/null +++ b/backend/app/Auth/AuthCookieSettings.php @@ -0,0 +1,28 @@ +secure; + } + + public function getDomain(): ?string + { + return $this->domain; + } + + public function getSameSite(): string + { + return $this->sameSite; + } +} diff --git a/backend/app/Controllers/AuthController.php b/backend/app/Controllers/AuthController.php index 43c9964..36eb532 100644 --- a/backend/app/Controllers/AuthController.php +++ b/backend/app/Controllers/AuthController.php @@ -2,6 +2,7 @@ namespace App\Controllers; +use App\Auth\AuthCookieSettings; use App\Auth\UseCases\AuthenticateUser\AuthenticateUser; use App\Auth\UseCases\AuthenticateUser\AuthenticateUserRequest; use App\Auth\UseCases\CreateSession\CreateSession; @@ -20,6 +21,7 @@ class AuthController private AuthenticateUser $authenticateUser, private CreateSession $createSession, private Logout $logout, + private AuthCookieSettings $cookieSettings, ) { } @@ -55,11 +57,11 @@ class AuthController value: $session->getToken(), expire: $session->getExpiresAt()->getTimestamp(), path: '/', - domain: null, - secure: false, + domain: $this->cookieSettings->getDomain(), + secure: $this->cookieSettings->isSecure(), httpOnly: true, raw: false, - sameSite: Cookie::SAMESITE_LAX, + sameSite: $this->cookieSettings->getSameSite(), )); } @@ -98,11 +100,11 @@ class AuthController value: '', expire: 1, path: '/', - domain: null, - secure: false, + domain: $this->cookieSettings->getDomain(), + secure: $this->cookieSettings->isSecure(), httpOnly: true, raw: false, - sameSite: Cookie::SAMESITE_LAX, + sameSite: $this->cookieSettings->getSameSite(), )); } } diff --git a/backend/app/Providers/AppServiceProvider.php b/backend/app/Providers/AppServiceProvider.php index 9c972cd..1d67ad1 100644 --- a/backend/app/Providers/AppServiceProvider.php +++ b/backend/app/Providers/AppServiceProvider.php @@ -2,6 +2,7 @@ namespace App\Providers; +use App\Auth\AuthCookieSettings; use App\Auth\BcryptPasswordHasher; use App\Auth\Clock; use App\Auth\PasswordHasher; @@ -32,5 +33,45 @@ class AppServiceProvider extends ServiceProvider Filesystem::class, LaravelFilesystem::class, ); + $this->app->bind( + AuthCookieSettings::class, + function (): AuthCookieSettings { + $secureCookie = config('session.secure'); + $sessionDomain = config('session.domain'); + $sameSite = config('session.same_site'); + + return new AuthCookieSettings( + secure: $this->booleanConfig($secureCookie), + domain: $this->nullableStringConfig($sessionDomain), + sameSite: is_string($sameSite) ? $sameSite : 'lax', + ); + } + ); + } + + private function booleanConfig(mixed $value): bool + { + if (is_bool($value)) { + return $value; + } + + if (is_int($value)) { + return $value === 1; + } + + if (is_string($value)) { + return in_array(strtolower($value), ['1', 'true'], true); + } + + return false; + } + + private function nullableStringConfig(mixed $value): ?string + { + if (! is_string($value) || trim($value) === '') { + return null; + } + + return $value; } }