diff --git a/backend/src/auth/auth.py b/backend/src/auth/auth.py
index 6ac89ac..02f2fc9 100644
--- a/backend/src/auth/auth.py
+++ b/backend/src/auth/auth.py
@@ -219,7 +219,15 @@ def refresh_token(refresh_token: Annotated[str | None, Cookie()] = None):
 httponly=True,
 secure=True if settings.debug == False else True,
 samesite='lax',
- max_age=4
+ max_age=30 * 24 * settings.max_age
+ )
+ response.set_cookie(
+ key='id_token',
+ value=token_data['id_token'],
+ httponly=True,
+ secure=not settings.debug,
+ samesite='lax',
+ max_age=settings.max_age
 )
 return response
diff --git a/frontend/src/services/api.ts b/frontend/src/services/api.ts
index 3034c8e..cc29a8f 100644
--- a/frontend/src/services/api.ts
+++ b/frontend/src/services/api.ts
@@ -29,7 +29,7 @@ export async function refreshToken() {
 return await fetch(`${Config.backend_uri}/auth/refresh`, {method: "POST", credentials: "include"});
 }
-export async function fetchWithAuth(input: RequestInfo, options?: RequestInit) {
+export async function fetchWithAuth(input: RequestInfo, options?: RequestInit, redirect: boolean = true) {
 const res = await fetch(input, {
 credentials: "include",
 ...options,
@@ -38,7 +38,8 @@ export async function fetchWithAuth(input: RequestInfo, options?: RequestInit) {
 if (res.status === 401) {
 const refresh = await refreshToken();
 if (refresh.status == 400 || refresh.status == 401) {
- window.location.href = `/?sessionExpired=True`;
+ if (redirect)
+ window.location.href = `/?sessionExpired=True`;
 const error = new Error("Unauthorized");
 error.cause = 401
@@ -836,9 +837,9 @@ export function useCurrentUser() {
 return useQuery({
 queryKey: ["currentUser"],
 queryFn: () => {
- return fetch(`${Config.backend_uri}/auth/user/me`, {
+ return fetchWithAuth(`${Config.backend_uri}/auth/user/me`, {
 credentials: "include",
- }).then((res) => res.json());
+ }, false).then((res) => res.json());
 },
 retry: false,
 });
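Review bot: The new `id_token` cookie is set with `secure=not settings.debug`, while the cookie directly above it keeps `secure=True if settings.debug == False else True`, which evaluates to `True` on both branches — so in a debug configuration the first cookie (its `key=` is above the hunk; presumably the refresh token, given the function name) stays Secure while the freshly added id token is sent over plain HTTP. Use one policy for both; since the function already tolerates an always-Secure cookie, `secure=True,` on the new cookie, and collapsing the dead ternary above to `secure=True,` while here, is the smaller change and keeps the token off cleartext connections. The `30 * 24 * settings.max_age` multiplier should also carry its unit, because the unit of `settings.max_age` is not visible here and a reader cannot tell whether this is thirty days or something else — e.g. `max_age=30 * 24 * settings.max_age,  # 30 days, assuming settings.max_age is one hour in seconds` (confirm against the settings module). If the first `set_cookie` call above the hunk does not already pass `path=`, scoping the refresh cookie to the refresh endpoint would stop it riding along on every request. `refresh_token` begins above this hunk.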
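Review bot: The added third parameter `redirect: boolean = true` is a positional boolean, so call sites end up as `fetchWithAuth(url, opts, false)` and the reader has to come back here to learn that `false` suppresses the redirect on a failed refresh. An options-bag parameter names the behaviour at the call site and stays compatible with existing two-argument callers: `export async function fetchWithAuth(input: RequestInfo, options?: RequestInit, { redirectOnExpiry = true }: { redirectOnExpiry?: boolean } = {}) {`, with callers passing `{ redirectOnExpiry: false }`. Whichever form is kept, a one-line doc comment above the signature saying that the flag only controls the `window.location.href` redirect and that the Unauthorized error is thrown either way would spare the next reader a trip to the next hunk. The body of fetchWithAuth continues past this hunk.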
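Review bot: The new `if (redirect)` guards a single brace-less statement, so a later edit that adds a second line under it (clearing cached session state, an early `return`) will silently run unconditionally; write it as `if (redirect) { window.location.href = \`/?sessionExpired=True\`; }`. It is also worth a comment on that branch that when `redirect` is false nothing here resets the session, and the caller is expected to handle the thrown Unauthorized error itself. The remainder of the 401 handler, including what happens to the error after `error.cause = 401`, is outside this hunk.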
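Review bot: The rewritten `}, false).then((res) => res.json());` still parses any non-401 error response from `/auth/user/me` (a 403, a 5xx) as the current-user object, because neither this callback nor the visible part of fetchWithAuth checks `res.ok`; a failed query should surface as an error rather than as a malformed user, e.g. `}, false).then((res) => { if (!res.ok) throw new Error("user/me " + res.status); return res.json(); });`. The `credentials: "include"` passed in the options object duplicates what fetchWithAuth already sets on its own fetch call (shown in the earlier hunk), so it can be dropped in favour of `{}` — harmless, but it suggests the caller does not know the wrapper handles it. Whether react-query's `retry: false` treats the thrown Unauthorized error the way the UI expects is not visible here and should be confirmed.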