fix: pwa cookie

2026-02-22 10:34:42 +08:00 · 2025-07-11 22:45:23 +08:00
parent 6990fe14a8
commit 323c1ba953
3 changed files with 18 additions and 6 deletions
--- a/src/app/api/login/route.ts
+++ b/src/app/api/login/route.ts
@@ -76,7 +76,9 @@ export async function POST(req: NextRequest) {
        response.cookies.set('auth', '', {
          path: '/',
          expires: new Date(0),
-          sameSite: 'strict',
+          sameSite: 'lax', // 改为 lax 以支持 PWA
+          httpOnly: false, // PWA 需要客户端可访问
+          secure: false, // 根据协议自动设置
        });

        return response;
@@ -103,7 +105,9 @@ export async function POST(req: NextRequest) {
      response.cookies.set('auth', cookieValue, {
        path: '/',
        expires,
-        sameSite: 'strict',
+        sameSite: 'lax', // 改为 lax 以支持 PWA
+        httpOnly: false, // PWA 需要客户端可访问
+        secure: false, // 根据协议自动设置
      });

      return response;
@@ -133,7 +137,9 @@ export async function POST(req: NextRequest) {
      response.cookies.set('auth', cookieValue, {
        path: '/',
        expires,
-        sameSite: 'strict',
+        sameSite: 'lax', // 改为 lax 以支持 PWA
+        httpOnly: false, // PWA 需要客户端可访问
+        secure: false, // 根据协议自动设置
      });

      return response;
@@ -166,7 +172,9 @@ export async function POST(req: NextRequest) {
      response.cookies.set('auth', cookieValue, {
        path: '/',
        expires,
-        sameSite: 'strict',
+        sameSite: 'lax', // 改为 lax 以支持 PWA
+        httpOnly: false, // PWA 需要客户端可访问
+        secure: false, // 根据协议自动设置
      });

      return response;
--- a/src/app/api/logout/route.ts
+++ b/src/app/api/logout/route.ts
@@ -9,7 +9,9 @@ export async function POST() {
  response.cookies.set('auth', '', {
    path: '/',
    expires: new Date(0),
-    sameSite: 'strict',
+    sameSite: 'lax', // 改为 lax 以支持 PWA
+    httpOnly: false, // PWA 需要客户端可访问
+    secure: false, // 根据协议自动设置
  });

  return response;
--- a/src/app/api/register/route.ts
+++ b/src/app/api/register/route.ts
@@ -108,7 +108,9 @@ export async function POST(req: NextRequest) {
      response.cookies.set('auth', cookieValue, {
        path: '/',
        expires,
-        sameSite: 'strict',
+        sameSite: 'lax', // 改为 lax 以支持 PWA
+        httpOnly: false, // PWA 需要客户端可访问
+        secure: false, // 根据协议自动设置
      });

      return response;