Skip to content

Commit 72f739f

Browse files
committed
test
1 parent dc6f35d commit 72f739f

2 files changed

Lines changed: 2 additions & 5 deletions

File tree

frontend/src/components/AuthManager/AuthManager.tsx

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -77,14 +77,11 @@ const AuthManager = () => {
7777

7878
// SSO Callback handler - fetches profile and JWT after successful SSO login
7979
const handleSSOCallback = async (event?: React.FormEvent<HTMLFormElement>) => {
80-
if (event) {
81-
event.preventDefault();
82-
}
8380
try {
8481
const response = await fetch(
8582
`${process.env.REACT_APP_SERVER_URL}/api/sso/profile`,
8683
{
87-
credentials: 'include', // CRITICAL: Sends session cookie
84+
credentials: 'include', // Send session cookie
8885
}
8986
);
9087

server/src/auth/session.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ export const sessionMiddleware = session({
2424
name: 'carriage.sid', // Custom session cookie name
2525
cookie: {
2626
httpOnly: true,
27-
secure: process.env.NODE_ENV === 'production', // HTTPS only in production
27+
secure: true, // HTTPS only in production
2828
// In production the frontend (Netlify) and backend (Vercel) are on different sites,
2929
// so we must allow the session cookie to be sent on cross-site XHR/fetch requests.
3030
// SameSite=Lax works for localhost (same-site) but *blocks* these requests in prod.

0 commit comments

Comments
 (0)