Fix cookies

.env.template

@@ -18,6 +18,7 @@ GMAIL_NAME=
 GMAIL_PASSWORD=
 ERRORS_ADDR=
 
+WEB_DOMAIN=
 NOCTBOT_ADDR=
 RPC_PORT=
 WEB_COOKIE_KEY=

web/src/server.ts

@@ -8,6 +8,7 @@ import session from "cookie-session";
 import sirv from "sirv";
 import { createConnection, getConnectionOptions } from "typeorm";
 import { DB_ENTITIES } from "@shared/db/entities";
+import { ENV } from "src/utils/environment";
 import { logger } from "./utils/logging";
 import { AppSession } from "./utils/session";
 
@@ -38,6 +39,8 @@ const createSapperServer = async (): Promise<Express> => {
         session({
             secret: key,
             name: "session",
+            httpOnly: true,
+            domain: ENV.WEB_DOMAIN,
         }),
         compression({ threshold: 0 }),
         sirv("static", { dev }),

web/src/utils/environment.ts

@@ -24,6 +24,7 @@ export const ENV = {
     WEB_DATA_PATH: "",
     HCAPTCHA_SITEKEY: "",
     HCAPTCHA_SECRET: "",
+    WEB_DOMAIN: "",
 };
 
 function isValid(): boolean {