refactor(security): set refresh_token as HttpOnly cookie #87

Merged

chartgerink merged 3 commits from fix/73 into main 2025-09-26 12:41:37 +00:00

Conversation 0 Commits 3 Files changed 8 +384 -204

chartgerink commented 2025-09-26 12:32:40 +00:00

Owner

Copy link

• add HttpOnly cookie for refresh token
• update tests
• update cors for credentials

Fixes #73.

- add `HttpOnly` cookie for refresh token - update tests - update cors for credentials Fixes #73.

chartgerink added 3 commits 2025-09-26 12:32:41 +00:00

add HttpOnly cookie for refresh token 24cff47902

update tests f610fa7084

update cors for credentials 16b9f223e8

chartgerink merged commit 0d73161e39 into main 2025-09-26 12:41:37 +00:00

chartgerink deleted branch fix/73 2025-09-26 12:41:37 +00:00

chartgerink referenced this pull request from a commit 2025-09-26 12:41:38 +00:00

refactor(security): set `refresh_token` as `HttpOnly` cookie (#87)

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels   

bug

Something is not working

  

critical

issues that are blocking other work, high importance + urgent

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

future

Not on the docket right now. Keeping the issue for future work.

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

critical

duplicate

enhancement

future

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: researchequals/api#87

No description provided.