css changes, secure/http only admin session

author: Tyler Murphy <tylermurphy534@gmail.com> 2023-01-30 11:42:45 -0500
committer: Tyler Murphy <tylermurphy534@gmail.com> 2023-01-30 11:42:45 -0500
commit: 0c021ef938622e9d69539075e56bb35c3b4ef7cf (patch)
tree: 1dba83ba4f75d5765ae213349e61ee4f8411d327 /src/api
parent: dont log admin stuff (diff)
download: xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.tar.gz
xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.tar.bz2
xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/api/admin.rs b/src/api/admin.rs
index bda1ae2..7de5fc0 100644
--- a/src/api/admin.rs
+++ b/src/api/admin.rs
@@ -30,8 +30,8 @@ async fn auth(cookies: Cookies, Json(body): Json<AdminAuthRequest>) -> Response
     }
 
     let mut cookie = Cookie::new("admin", admin::regen_secret().await);
-    cookie.set_secure(false);
-    cookie.set_http_only(false);
+    cookie.set_secure(true);
+    cookie.set_http_only(true);
     cookie.set_path("/");
 
     cookies.add(cookie);
author	Tyler Murphy <tylermurphy534@gmail.com>	2023-01-30 11:42:45 -0500
committer	Tyler Murphy <tylermurphy534@gmail.com>	2023-01-30 11:42:45 -0500
commit	0c021ef938622e9d69539075e56bb35c3b4ef7cf (patch)
tree	1dba83ba4f75d5765ae213349e61ee4f8411d327 /src/api
parent	dont log admin stuff (diff)
download	xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.tar.gz xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.tar.bz2 xssbook-0c021ef938622e9d69539075e56bb35c3b4ef7cf.zip