feat(login): Add Lax cookie policy

D34THWINGS · D34THWINGS · commit 1207f287e7b3 · 2017-05-18T16:41:17.000Z
diff --git a/config/production.js b/config/production.js
@@ -31,6 +31,7 @@ module.exports = {
       secret: '&é"(§è!çà)-azertyuiop1234567890%',
       name: 'lvconnect',
       isSecure: true,
+      isSameSite: 'Lax',
     },
   },
   mongodb: {
diff --git a/package.json b/package.json
@@ -38,7 +38,7 @@
     "hapi": "^16.0.1",
     "hapi-auth-basic": "^4.2.0",
     "hapi-auth-bearer-token": "^4.2.1",
-    "hapi-auth-cookie": "^6.1.1",
+    "hapi-auth-cookie": "7.0.0",
     "inert": "^4.0.2",
     "joi": "^10.0.5",
     "kue": "^0.11.1",
@@ -64,7 +64,7 @@
     "chai": "^3.5.0",
     "commander": "^2.9.0",
     "eslint": "^3.8.1",
-    "eslint-config-airbnb-base": "^11.0.0",
+    "eslint-config-airbnb-base": "^11.2.0",
     "eslint-plugin-import": "^2.0.1",
     "mocha": "^3.0.2",
     "nodemon": "^1.10.2"
diff --git a/server/login/index.js b/server/login/index.js
@@ -19,6 +19,7 @@ exports.register = (server, { cache, cookie }, next) => {
     cookie: cookie.name,
     redirectTo: cookie.redirect,
     isSecure: cookie.isSecure,
+    isSameSite: cookie.isSameSite,
     clearInvalid: true,
     validateFunc(request, session, callback) {
       request.server.app.cache.get(session.sid, (err, cached) => {
diff --git a/yarn.lock b/yarn.lock
