fix : correctif mr

2026-03-13 09:47:09 +01:00
parent b3fc6f77b1
commit 00dc2daa3d
11 changed files with 61 additions and 67 deletions
--- a/server/middleware/auth-cookie.ts
+++ b/server/middleware/auth-cookie.ts
@@ -0,0 +1,25 @@
+export default defineEventHandler((event) => {
+  const path = event.path || event.node.req.url || ""
+
+  if (path.startsWith("/api/")) {
+    return
+  }
+
+  const runtimeConfig = useRuntimeConfig(event)
+  const expectedToken = runtimeConfig.apiSecretKey
+
+  if (!expectedToken) {
+    return
+  }
+
+  if (getCookie(event, "api_auth_token") === expectedToken) {
+    return
+  }
+
+  setCookie(event, "api_auth_token", expectedToken, {
+    httpOnly: true,
+    sameSite: "lax",
+    secure: process.env.NODE_ENV === "production",
+    path: "/"
+  })
+})