Cookie-domene .synops.no for subdomain-deling + workspace.synops.no

Auth-cookies settes på .synops.no slik at de deles mellom synops.no, workspace.synops.no, og fremtidige subdomener. Caddy proxyer workspace.synops.no til SvelteKit. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 03:35:10 +00:00 · 2026-03-19 03:35:10 +00:00 · ed632f686d
commit ed632f686d
parent 6411347aec
1 changed files with 14 additions and 0 deletions
--- a/frontend/src/auth.ts
+++ b/frontend/src/auth.ts
@ -56,6 +56,20 @@ async function syncUsername(accessToken: string, username: string): Promise<void

 export const { handle, signIn, signOut } = SvelteKitAuth({
 	trustHost: true,
+	cookies: {
+		sessionToken: {
+			name: '__Secure-authjs.session-token',
+			options: { domain: '.synops.no', path: '/', sameSite: 'lax', secure: true, httpOnly: true },
+		},
+		callbackUrl: {
+			name: '__Secure-authjs.callback-url',
+			options: { domain: '.synops.no', path: '/', sameSite: 'lax', secure: true, httpOnly: true },
+		},
+		csrfToken: {
+			name: '__Host-authjs.csrf-token',
+			options: { path: '/', sameSite: 'lax', secure: true, httpOnly: true },
+		},
+	},
 	providers: [
 		{
 			id: 'authentik',