fix: pass the entire sacred cookie settings on clear

HemmeligOrg · Apr 26, 2024 · 966e249 · 966e249
1 parent 3e2ca81
commit 966e249
Showing 1 changed file with 3 additions and 4 deletions.
diff --git a/server/controllers/authentication.js b/server/controllers/authentication.js
@@ -170,10 +170,9 @@ async function authentication(fastify) {
     );
 
     fastify.post('/signout', async (_, reply) => {
-        reply.clearCookie(COOKIE_KEY_PUBLIC, { path: '/' });
-
-        // clear the http only cookie by setting an expired date
-        reply.setCookie(COOKIE_KEY, '', { path: '/', expires: new Date(0) });
+        reply
+            .clearCookie(COOKIE_KEY_PUBLIC, { path: '/' })
+            .clearCookie(COOKIE_KEY, '', SACRED_COOKIE_SETTINGS);
 
         return {
             signout: 'ok',