From d425d65f85e3110b4bd390bfa1a5495d80b0a985 Mon Sep 17 00:00:00 2001
From: Jonathon Adams <24870903+jonathonadams@users.noreply.github.com>
Date: Wed, 9 Sep 2020 11:24:19 +0930
Subject: [PATCH] fix(auth): add domain to refresh cookie for demo site

---
 libs/server/auth/src/lib/core/cookies.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libs/server/auth/src/lib/core/cookies.ts b/libs/server/auth/src/lib/core/cookies.ts
index 76cb8daf..9f3e4773 100644
--- a/libs/server/auth/src/lib/core/cookies.ts
+++ b/libs/server/auth/src/lib/core/cookies.ts
@@ -6,6 +6,10 @@ const options: SetOption = {
   secure: true,
   sameSite: 'strict',
   path: '/authorize', // set to only the /authorize path so it is sent on both /refresh & /revoke
+  // ZTP_AFTER_CLONE You may want to delete the domain below so that it defaults to the host
+  // This is set so the the demo site works and the cookie is sent to both
+  // https://api.zero-to-production.dev && https://fns.zero-to-production.dev
+  domain: 'zero-to-production.dev',
 };
 
 export function setRefreshTokenCookie(cookies: Cookies, refreshToken?: string) {