From 12e80c269894dd3f3bf979b415e4a16dbbd6960f Mon Sep 17 00:00:00 2001 From: reidlab Date: Thu, 21 Sep 2023 18:52:56 -0700 Subject: [PATCH] update cookie stuff --- src/template_endpoints/login.rs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/template_endpoints/login.rs b/src/template_endpoints/login.rs index cd091ef..96855e8 100644 --- a/src/template_endpoints/login.rs +++ b/src/template_endpoints/login.rs @@ -6,6 +6,8 @@ use rocket::form::Form; use rocket::http::{Cookie, CookieJar}; +use rocket::time::Duration; + use diesel::prelude::*; use crate::db; @@ -35,6 +37,11 @@ pub fn post_login(jar: &CookieJar<'_>, input: Form) -> Template { jar.add_private(Cookie::build( "blackmail_data", format!("{}:{}:{}", account_id_username_val.1, account_id_user_id_val.0, account_id_user_id_val.1)) + .path("/") + // should probably make this true when we get into production + .secure(false) + .http_only(true) + .max_age(Duration::days(365)) .finish()); return Template::render("login", context! {