oauth2 session fix

2026-01-17 10:47:09 +03:00
parent 48160331eb
commit 3e0e6ff456
2 changed files with 6 additions and 2 deletions
--- a/backend/src/lib.rs
+++ b/backend/src/lib.rs
@@ -7,7 +7,7 @@ use sea_orm_migration::prelude::*;
 use std::net::SocketAddr;
 use utoipa::OpenApi;
 use utoipa_swagger_ui::SwaggerUi;
-use tower_sessions::{Expiry, SessionManagerLayer};
+use tower_sessions::{Expiry, SessionManagerLayer, cookie::SameSite};
 use tower_sessions_sqlx_store::PostgresStore;
 use axum_login::AuthManagerLayerBuilder;
 use time::Duration;
@@ -136,7 +136,8 @@ pub async fn create_app(db: DatabaseConnection) -> Result<Router, DbErr> {
        .expect("Failed to run session store migrations");

    let session_layer = SessionManagerLayer::new(session_store)
-        .with_secure(false)
+        .with_secure(true)
+        .with_same_site(SameSite::Lax)
        .with_expiry(Expiry::OnInactivity(Duration::days(7)));

    let backend = auth::AuthBackend { db: db.clone() };
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -21,6 +21,9 @@ services:
      DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}
      RUST_LOG: ${RUST_LOG:-info}
      ALLOWED_ORIGINS: ${ALLOWED_ORIGINS:-http://localhost:3000,http://localhost:5173}
+      GOOGLE_CLIENT_ID: ${GOOGLE_CLIENT_ID}
+      GOOGLE_CLIENT_SECRET: ${GOOGLE_CLIENT_SECRET}
+      GOOGLE_REDIRECT_URL: ${GOOGLE_REDIRECT_URL}
    depends_on:
      - postgres
    networks: