refactor: Make cookie 'secure' setting more configurable

Signed-off-by: Christoph Heiss <contact@christoph-heiss.at>
2022-06-22 19:29:06 +02:00 · 2022-06-22 19:29:06 +02:00 · a9aa5be5c9
parent 76d160ba59
commit a9aa5be5c9
2 changed files with 15 additions and 4 deletions
--- a/next.config.js
+++ b/next.config.js
@ -9,4 +9,8 @@ module.exports = {
      path.join(__dirname, 'src/styles'),
    ],
  },
+  serverRuntimeConfig: {
+    COOKIE_PASSWORD: process.env.COOKIE_PASSWORD ?? 'developmentdevelopmentdevelopment',
+    INSECURE_COOKIES: process.env.INSECURE_COOKIES,
+  },
 };
--- a/src/lib/withSession.ts
+++ b/src/lib/withSession.ts
@ -1,15 +1,22 @@
-import { withIronSessionApiRoute, withIronSessionSsr } from 'iron-session/next';
 import {
  GetServerSidePropsContext,
  GetServerSidePropsResult,
  NextApiHandler,
 } from 'next';
+import getConfig from 'next/config';
+import { withIronSessionApiRoute, withIronSessionSsr } from 'iron-session/next';
+
+const { serverRuntimeConfig } = getConfig();
+
+const secureCookies = serverRuntimeConfig.INSECURE_COOKIES !== undefined
+  ? !serverRuntimeConfig.INSECURE_COOKIES
+  : process.env.NODE_ENV === 'production';

 const sessionOptions = {
-  cookieName: 'wgdash_user',
-  password: process.env.COOKIE_PASSWORD ?? 'developmentdevelopmentdevelopment',
+  cookieName: 'user',
+  password: serverRuntimeConfig.COOKIE_PASSWORD,
  cookieOptions: {
-    secure: process.env.NODE_ENV === 'production',
+    secure: secureCookies,
  },
 };