From 7b73758d704d9b5c4382202b951ee89f0b55addb Mon Sep 17 00:00:00 2001
From: vchikalkin <djchikalkin@gmail.com>
Date: Mon, 30 Oct 2023 16:39:02 +0300
Subject: [PATCH] apps/api: add cookie options (httpOnly, secure)

---
 apps/api/src/auth/auth.controller.ts | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/apps/api/src/auth/auth.controller.ts b/apps/api/src/auth/auth.controller.ts
index 425a541..f93f9f3 100644
--- a/apps/api/src/auth/auth.controller.ts
+++ b/apps/api/src/auth/auth.controller.ts
@@ -3,17 +3,20 @@
 /* eslint-disable import/no-extraneous-dependencies */
 import { AuthService } from './auth.service';
 import { Credentials } from './types/request';
+import type { CookieSerializeOptions } from '@fastify/cookie';
 import { Body, Controller, Get, HttpException, HttpStatus, Post, Req, Res } from '@nestjs/common';
 import { FastifyReply, FastifyRequest } from 'fastify';
 import { env } from 'src/config/env';
 
 @Controller()
 export class AuthController {
-  cookieOptions: { maxAge: number; path: string };
+  cookieOptions: CookieSerializeOptions;
   constructor(private readonly authService: AuthService) {
     this.cookieOptions = {
+      httpOnly: true,
       maxAge: env.API_TOKEN_TTL,
       path: '/',
+      secure: true,
     };
   }