feat(auth): auto-login after onboarding, consolidate session cookies
- Extract session cookie issuance into sessionCookies.ts helper; remove duplicated COOKIE_BASE blocks from login, register, oauth callback/authorize, refresh handler, hooks.server.ts, and onboarding. - Derive cookie secure flag from ORIGIN (https://...) instead of NODE_ENV so plain-HTTP production deploys don't silently drop cookies. - Auto-login admin after onboarding completes; UI does a full reload so hooks.server.ts picks up the new session. - Harden onboarding: reject duplicate admin creation, flip onboardingComplete atomically to prevent concurrent completions, error out if no admin found. - Fix Dockerfile CMD operator precedence: node build now always runs after migrate deploy || db push. - Wire ORIGIN env through docker-compose.
This commit is contained in:
@@ -16,6 +16,7 @@ services:
|
||||
- NODE_ENV=production
|
||||
- APP_PORT=3000
|
||||
- APP_HOST=0.0.0.0
|
||||
- ORIGIN=${ORIGIN:-http://localhost:${APP_PORT:-3000}}
|
||||
volumes:
|
||||
- launcher-data:/app/data
|
||||
networks:
|
||||
|
||||
Reference in New Issue
Block a user