Allow the auth cookie in development

2020-10-22 16:27:31 -05:00 · 2020-10-22 16:27:31 -05:00 · 228f2141e7
commit 228f2141e7
parent 3de755b840
2 changed files with 10 additions and 2 deletions
--- a/lib/bigcommerce/api/operations/login.ts
+++ b/lib/bigcommerce/api/operations/login.ts
@ -49,9 +49,17 @@ async function login({
    query,
    { variables }
  )
-  const cookie = res.headers.get('Set-Cookie')
+  // Bigcommerce returns a Set-Cookie header with the auth cookie
+  let cookie = res.headers.get('Set-Cookie')

  if (cookie && typeof cookie === 'string') {
+    // In development, don't set a secure cookie or the browser will ignore it
+    if (process.env.NODE_ENV !== 'production') {
+      cookie = cookie.replace('; Secure', '')
+      // SameSite=none can't be set unless the cookie is Secure
+      cookie = cookie.replace('; SameSite=none', '; SameSite=lax')
+    }
+
    response.setHeader(
      'Set-Cookie',
      concatHeader(response.getHeader('Set-Cookie'), cookie)!
--- a/pages/login.tsx
+++ b/pages/login.tsx
@ -4,7 +4,7 @@ import { Logo, Modal, Button } from '@components/ui'

 export default function Login() {
  const signup = useSignup()
-  // TODO: use this method
+  // TODO: use this method. It can take more than 5 seconds to do a signup
  const handleSignup = async () => {
    // TODO: validate the password and email before calling the signup
    // Passwords must be at least 7 characters and contain both alphabetic