CookieOptions
CookieOptions
Options for the handling of the cookies used to track sessions (only applicable if
authOptions.tokenMethod
is set to 'cookie'
). These options are passed directly
to the Express cookie-session middleware.
Signature
interface CookieOptions {
name?: string;
secret?: string;
path?: string;
domain?: string;
sameSite?: 'strict' | 'lax' | 'none' | boolean;
secure?: boolean;
secureProxy?: boolean;
httpOnly?: boolean;
signed?: boolean;
overwrite?: boolean;
}
Members
name
string
'session'
secret
string
(random character string)
The secret used for signing the session cookies for authenticated users. Only applies tokenMethod is set to ‘cookie’.
In production applications, this should not be stored as a string in source control for security reasons, but may be loaded from an external file not under source control, or from an environment variable, for example.
path
string
'/'
domain
string
sameSite
'strict' | 'lax' | 'none' | boolean
false
secure
boolean
secureProxy
boolean
httpOnly
boolean
true
signed
boolean
overwrite
boolean