From ff3820121510c0363e2b076e25751b5a634a4f15 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EC=9B=90=EB=8D=94?= <wonderbotsupport@naver.com>
Date: Fri, 12 Feb 2021 16:55:06 +0900
Subject: [PATCH] feat: using httpOnly cookie

---
 pages/api/auth/discord/callback.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pages/api/auth/discord/callback.ts b/pages/api/auth/discord/callback.ts
index 019fef1..8758896 100644
--- a/pages/api/auth/discord/callback.ts
+++ b/pages/api/auth/discord/callback.ts
@@ -50,6 +50,7 @@ const Callback = nc<ApiRequest, NextApiResponse>()
 		res.setHeader('set-cookie', serialize('token', userToken, {
 			expires: new Date(info.exp * 1000),
 			secure: process.env.NODE_ENV === 'production',
+			httpOnly: true,
 			path: '/'
 		}))
 		res.redirect(301, '/callback/discord')