bretton.dev
Coves frontend - a photon fork
1/**
2 * Shared cookie configuration options for authentication endpoints.
3 *
4 * These constants ensure consistent cookie settings across all auth endpoints
5 * and reduce the risk of configuration drift.
6 */
7
8/**
9 * Cookie options for pending auth state (kelp_pending_auth).
10 *
11 * This cookie stores temporary state during the OAuth flow (instance URL, redirect target).
12 * It has a short TTL since the OAuth flow should complete within minutes.
13 */
14export const PENDING_AUTH_COOKIE_OPTIONS = {
15 httpOnly: true,
16 secure: import.meta.env.PROD,
17 sameSite: 'lax' as const,
18 path: '/',
19 maxAge: 60 * 10, // 10 minutes
20}