mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
084ebe6e16
**Related issue:** Resolves #14401 this updates the mechanism of storing the auth token for a user that is used for making requests and validating a user session. We change the storage from local storage to a cookie. This allow a bit more security and prepares for a future change where we will allow the browser to handle setting and passing the auth token in the request. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. - [x] QA'd all new/changed functionality manually
25 lines
627 B
TypeScript
25 lines
627 B
TypeScript
/**
|
|
* This contains a collection of utility functions for working with
|
|
* users auth token.
|
|
*/
|
|
import Cookie from "js-cookie";
|
|
|
|
const save = (token: string): void => {
|
|
Cookie.set("__Host-token", token, { secure: true, sameSite: "lax" });
|
|
};
|
|
|
|
const get = (): string | null => {
|
|
return Cookie.get("__Host-token") || null;
|
|
};
|
|
|
|
const remove = (): void => {
|
|
// NOTE: the entire cookie including the name and values must be provided
|
|
// to correctly remove. That is why we include the options here as well.
|
|
Cookie.remove("__Host-token", { secure: true, sameSite: "lax" });
|
|
};
|
|
|
|
export default {
|
|
save,
|
|
get,
|
|
remove,
|
|
};
|