fix: try not setting path on access token

2025-07-19 23:20:16 +02:00 · 2025-07-19 23:20:16 +02:00 · d2fec66ddb
commit d2fec66ddb
parent 252b9a3dc6
4 changed files with 4 additions and 5 deletions
--- a/src/api/v1/auth/login.rs
+++ b/src/api/v1/auth/login.rs
@ -105,7 +105,7 @@ pub async fn response(
    response.headers_mut().append(
        "Set-Cookie",
        HeaderValue::from_str(
-            &new_access_token_cookie(&app_state.config, access_token).to_string(),
+            &new_access_token_cookie(access_token).to_string(),
        )?,
    );

--- a/src/api/v1/auth/refresh.rs
+++ b/src/api/v1/auth/refresh.rs
@ -123,7 +123,7 @@ pub async fn post(
        response.headers_mut().append(
            "Set-Cookie",
            HeaderValue::from_str(
-                &new_access_token_cookie(&app_state.config, access_token).to_string(),
+                &new_access_token_cookie(access_token).to_string(),
            )?,
        );

--- a/src/api/v1/auth/register.rs
+++ b/src/api/v1/auth/register.rs
@ -171,7 +171,7 @@ pub async fn post(
        response.headers_mut().append(
            "Set-Cookie",
            HeaderValue::from_str(
-                &new_access_token_cookie(&app_state.config, access_token).to_string(),
+                &new_access_token_cookie(access_token).to_string(),
            )?,
        );

--- a/src/utils.rs
+++ b/src/utils.rs
@ -43,12 +43,11 @@ pub fn new_refresh_token_cookie(config: &Config, refresh_token: String) -> Cooki
        .build()
 }

-pub fn new_access_token_cookie(config: &Config, access_token: String) -> Cookie {
+pub fn new_access_token_cookie<'cookie>(access_token: String) -> Cookie<'cookie> {
    Cookie::build(("access_token", access_token))
        .http_only(false)
        .secure(true)
        .same_site(SameSite::None)
-        .path(config.web.backend_url.path().to_string())
        .max_age(Duration::hours(1))
        .build()
 }