From f3da765f7c83361ed12cf1be289ba0b6408bf5b3 Mon Sep 17 00:00:00 2001
From: Daniel Volz
Date: Sun, 28 Dec 2025 02:32:45 +0100
Subject: [PATCH] feat(db): add new columns to medications and users tables for enhanced data tracking feat(oidc): refactor setAuthCookies to use centralized cookie options for consistency feat(nginx): update configuration to pass cookies through proxy for improved session handling
---
 backend/src/db/client.ts | 4 ++++
 backend/src/routes/oidc.ts | 27 +++++++--------------------
 frontend/nginx.conf | 4 ++++
 3 files changed, 15 insertions(+), 20 deletions(-)

diff --git a/backend/src/db/client.ts b/backend/src/db/client.ts
index a31ab9b..4a5e54e 100644
--- a/backend/src/db/client.ts
+++ b/backend/src/db/client.ts
@@ -165,7 +165,11 @@ async function runMigrations() {
 { name: "notes", sql: "ALTER TABLE medications ADD COLUMN notes TEXT" },
 { name: "generic_name", sql: "ALTER TABLE medications ADD COLUMN generic_name TEXT" },
 { name: "intake_reminders_enabled", sql: "ALTER TABLE medications ADD COLUMN intake_reminders_enabled INTEGER NOT NULL DEFAULT 0" },
+ { name: "pill_weight_mg", sql: "ALTER TABLE medications ADD COLUMN pill_weight_mg REAL" },
+ { name: "taken_by", sql: "ALTER TABLE medications ADD COLUMN taken_by TEXT" },
 { name: "users_email", sql: "ALTER TABLE users ADD COLUMN email TEXT" },
+ { name: "users_avatar_url", sql: "ALTER TABLE users ADD COLUMN avatar_url TEXT" },
+ { name: "users_oidc_subject", sql: "ALTER TABLE users ADD COLUMN oidc_subject TEXT" },
 { name: "user_settings_expiry_warning_days", sql: "ALTER TABLE user_settings ADD COLUMN expiry_warning_days INTEGER NOT NULL DEFAULT 90" },
 ];
 
diff --git a/backend/src/routes/oidc.ts b/backend/src/routes/oidc.ts
index 9025812..d0d819d 100644
--- a/backend/src/routes/oidc.ts
+++ b/backend/src/routes/oidc.ts
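Review bot: The `users_oidc_subject` entry added to the migration list in `runMigrations` (backend/src/db/client.ts) creates `oidc_subject` as a plain `TEXT` column with no uniqueness guarantee, so two user rows can end up bound to the same identity-provider subject. If login resolves the account by this column, add a follow-up migration that creates a unique index on it (or on issuer plus subject, should more than one provider ever be configured); the `ADD COLUMN` statements here look like SQLite, which cannot attach a UNIQUE constraint in that form. How the column is queried is not visible in this patch, so treat this as a point to confirm rather than a proven defect. The migrations array starts outside the hunk.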
@@ -201,8 +201,9 @@ export async function oidcRoutes(app: FastifyInstance) {
 expiresAt,
 });
 
- // Set cookies
- setAuthCookies(reply, accessToken, refreshToken);
+ // Set cookies (use app's centralized cookie options)
+ console.log(`[OIDC] Setting cookies for user ${user.username}, NODE_ENV=${env.NODE_ENV}, secure=${app.config.cookieOptions.secure}`);
+ setAuthCookies(app, reply, accessToken, refreshToken);
 
 // Redirect to frontend dashboard
 // In dev: CORS_ORIGINS contains the frontend URL
@@ -308,22 +309,8 @@ async function generateRefreshToken(
 return { refreshToken, tokenId, expiresAt };
 }
 
-function setAuthCookies(reply: FastifyReply, accessToken: string, refreshToken: string) {
- const isProduction = env.NODE_ENV === "production";
-
- reply.setCookie("access_token", accessToken, {
- httpOnly: true,
- secure: isProduction,
- sameSite: "lax",
- path: "/",
- maxAge: env.ACCESS_TOKEN_TTL_MINUTES * 60,
- });
-
- reply.setCookie("refresh_token", refreshToken, {
- httpOnly: true,
- secure: isProduction,
- sameSite: "lax",
- path: "/",
- maxAge: env.REFRESH_TOKEN_TTL_DAYS * 24 * 60 * 60,
- });
+function setAuthCookies(app: FastifyInstance, reply: FastifyReply, accessToken: string, refreshToken: string) {
+ // Use the same cookie options as regular auth for consistency
+ reply.setCookie("access_token", accessToken, app.config.cookieOptions);
+ reply.setCookie("refresh_token", refreshToken, app.config.refreshCookieOptions);
 }
diff --git a/frontend/nginx.conf b/frontend/nginx.conf
index f143f00..1c74a2f 100644
--- a/frontend/nginx.conf
+++ b/frontend/nginx.conf
@@ -26,6 +26,10 @@ server {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
 
+ # Pass cookies through
+ proxy_pass_header Set-Cookie;
+ proxy_cookie_path / /;
+
 # Timeout for uploads
 proxy_read_timeout 60s;
 proxy_send_timeout 60s;
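Review bot: The `console.log` added in the first hunk of backend/src/routes/oidc.ts (the callback inside `oidcRoutes`) writes the username to stdout on every OIDC login and bypasses the Fastify logger, so it escapes log-level control and any redaction configured there. It reads like a debugging aid for the cookie problem; either drop it or demote it and leave the identity out, e.g. `app.log.debug({ secure: app.config.cookieOptions.secure }, "[OIDC] setting auth cookies");`. If `user.username` is derived from identity-provider claims, interpolating it into a plain-text line also lets control characters reach the log. The handler begins and ends outside this hunk.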
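Review bot: In the second hunk of backend/src/routes/oidc.ts, `setAuthCookies` no longer shows which attributes protect the tokens: `httpOnly`, `secure`, `sameSite`, `path` and the two distinct `maxAge` values were explicit in the removed body and now come from `app.config.cookieOptions` and `app.config.refreshCookieOptions`, neither of which is defined in this patch. Before merging, confirm that both objects still set `httpOnly: true`, a `sameSite` value and lifetimes derived from `ACCESS_TOKEN_TTL_MINUTES` and `REFRESH_TOKEN_TTL_DAYS`, and that `secure` is not switched off for deployments that sit behind the nginx proxy. I would state that contract in the function's comment, `// Both option objects must keep httpOnly, sameSite, secure in production and a per-token maxAge`, and add the return type `: void` to the signature.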
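Review bot: The two directives added under `# Pass cookies through` in frontend/nginx.conf do not change what nginx forwards: `Set-Cookie` from the upstream is passed to the client by default (`proxy_pass_header` only matters for headers nginx hides, or after a `proxy_hide_header`), and `proxy_cookie_path / /;` rewrites the path to itself. If cookies were being lost, a likelier cause is the `Secure` attribute on a connection the browser sees as plain HTTP, which depends on how the backend derives `secure` and whether it trusts `X-Forwarded-Proto`; that part is not visible here. I would remove the block or replace the comment with `# no-op: nginx forwards upstream Set-Cookie by default`, so later readers do not assume the proxy takes part in cookie handling. The enclosing block starts and ends outside the hunk.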