From ffbd48acfd316ada0ddbbde48962b3ea538966e7 Mon Sep 17 00:00:00 2001
From: darius
Date: Sun, 19 May 2024 23:57:13 +0200
Subject: [PATCH] security
---
 api/handlers/authHandler.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/api/handlers/authHandler.go b/api/handlers/authHandler.go
index 7cde534..9364261 100644
--- a/api/handlers/authHandler.go
+++ b/api/handlers/authHandler.go
@@ -8,6 +8,7 @@ import (
 "portfolio/api/service/jwt"
 "portfolio/database/ent"
 "portfolio/database/query"
+ "time"
 )
 func Login(w http.ResponseWriter, r *http.Request) {
@@ -40,11 +41,11 @@ func Login(w http.ResponseWriter, r *http.Request) {
 if jwtToken != "" {
 cookie := &http.Cookie{Name: "jwt",
- Value: jwtToken,
- //HttpOnly: true,
- //Secure: true,
- //SameSite: http.SameSiteNoneMode,
- //Expires: time.Now().Add(24 * time.Hour),
+ Value: jwtToken,
+ HttpOnly: true,
+ Secure: true,
+ SameSite: http.SameSiteStrictMode,
+ Expires: time.Now().Add(24 * time.Hour),
 }
 http.SetCookie(w, cookie)
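Review bot: The `Expires: time.Now().Add(24 * time.Hour)` value in the new cookie literal is hard-coded separately from whatever expiry the `jwt` service puts in the token, so the two can drift; the token's own `exp` claim is what has to bound the session on the server, and the cookie lifetime is best derived from the same constant. The literal also sets no `Path`, so the browser scopes the cookie to the directory of the login URL; adding `Path: "/",` makes the scope explicit and, together with `Secure`, would allow a later rename to a `__Host-` prefixed cookie. The previously commented-out value was `http.SameSiteNoneMode`, which suggests a cross-site front end may have been considered; with `http.SameSiteStrictMode` the cookie is not sent on cross-site requests, so that deployment should be confirmed. `Login` starts and ends outside this hunk, so token issuance and any logout path that must clear the cookie with matching attributes are not visible here.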