fix: explicitly set rack session to none

Also sets secure when in production mode and is https
mlibrary · May 5, 2023 · ee54d91 · ee54d91
1 parent 46394e2
commit ee54d91
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/account.rb b/account.rb
@@ -72,6 +72,12 @@
 helpers StyledFlash
 
 enable :sessions
+set :sessions,
+  same_site: :none,
+  expire_after: 1.day
+
+set :sessions, secure: true if settings.environment == :production
+
 set :session_secret, ENV["RACK_COOKIE_SECRET"]
 set server: "thin", connections: []