feat: added cookie settings for the security util

Azurency · Azurency · commit db59fd395ab4 · 2023-11-30T22:54:14.000+01:00
diff --git a/src/module.ts b/src/module.ts
@@ -70,6 +70,16 @@ export default defineNuxtModule<ModuleOptions>({
         sameSite: 'lax'
       }
     })
+    // Security settings
+    runtimeConfig.nuxtAuthUtils = defu(runtimeConfig.nuxtAuthUtils, {})
+    runtimeConfig.nuxtAuthUtils.security = defu(runtimeConfig.nuxtAuthUtils.security, {
+      cookie: {
+        secure: true, 
+        httpOnly: true, 
+        sameSite: 'lax',
+        maxAge: 60 * 15
+      }
+    })
     // OAuth settings
     runtimeConfig.oauth = defu(runtimeConfig.oauth, {})
     // GitHub OAuth
diff --git a/src/runtime/server/utils/security.ts b/src/runtime/server/utils/security.ts
@@ -63,16 +63,17 @@ export const checks = {
    */
   async create(event: H3Event, checks?: OAuthChecks[]) {
     const res: Record<string, string> = {}
+    const runtimeConfig = useRuntimeConfig()
     if (checks?.includes('pkce')) {
       const pkceVerifier = generateCodeVerifier()
       const pkceChallenge = await pkceCodeChallenge(pkceVerifier)
       res['code_challenge'] = pkceChallenge
       res['code_challenge_method'] = 'S256'
-      setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+      setCookie(event, 'nuxt-auth-util-verifier', pkceVerifier, runtimeConfig.nuxtAuthUtils.security.cookie)
     }
     if (checks?.includes('state')) {
       res['state'] = generateState()
-      setCookie(event, 'nuxt-auth-util-state', res['state'], { maxAge: 60 * 15, secure: true, httpOnly: true, sameSite: 'lax' })
+      setCookie(event, 'nuxt-auth-util-state', res['state'], runtimeConfig.nuxtAuthUtils.security.cookie)
     }
     return res
   },
