GH-27: Set the appropriate Secure value for authorization cookie

ArtyomVancyan · ArtyomVancyan · commit 2b46e6ad846b · 2023-10-13T18:58:31.000+04:00
diff --git a/src/fastapi_oauth2/core.py b/src/fastapi_oauth2/core.py
@@ -132,6 +132,7 @@ async def token_redirect(self, request: Request, **kwargs) -> RedirectResponse:
             value=f"Bearer {access_token}",
             max_age=request.auth.expires,
             expires=request.auth.expires,
+            secure=not request.auth.http,
             httponly=True,
         )
         return response

Original file line number	Diff line number	Diff line change
`@@ -132,6 +132,7 @@ async def token_redirect(self, request: Request, **kwargs) -> RedirectResponse:`
`132`	`132`	`value=f"Bearer {access_token}",`
`133`	`133`	`max_age=request.auth.expires,`
`134`	`134`	`expires=request.auth.expires,`
	`135`	`+ secure=not request.auth.http,`
`135`	`136`	`httponly=True,`
`136`	`137`	`)`
`137`	`138`	`return response`