1

2026-04-21 10:30:12 +08:00
parent ae28dab032
commit 13bc79306f
49 changed files with 3691 additions and 1357 deletions
--- a/server-node/src/config.ts
+++ b/server-node/src/config.ts
@@ -74,6 +74,11 @@ export type AppConfig = {
    mockAvatarUrl: string;
  };
  authSession: {
+    accessCookieName: string;
+    accessCookieTtlSeconds: number;
+    accessCookieSecure: boolean;
+    accessCookieSameSite: 'Lax' | 'Strict' | 'None';
+    accessCookiePath: string;
    refreshCookieName: string;
    refreshSessionTtlDays: number;
    refreshCookieSecure: boolean;
@@ -274,6 +279,11 @@ export function loadConfig(options: LoadConfigOptions = {}): AppConfig {
    'AUTH_REFRESH_COOKIE_SAME_SITE',
    'Lax',
  );
+  const accessSameSite = readString(
+    env,
+    'AUTH_ACCESS_COOKIE_SAME_SITE',
+    'Lax',
+  );

  return {
    nodeEnv,
@@ -484,6 +494,30 @@ export function loadConfig(options: LoadConfigOptions = {}): AppConfig {
      mockAvatarUrl: readString(env, 'WECHAT_MOCK_AVATAR_URL', ''),
    },
    authSession: {
+      accessCookieName: readString(
+        env,
+        'AUTH_ACCESS_COOKIE_NAME',
+        'genarrative_access_session',
+      ),
+      accessCookieTtlSeconds: readPositiveInt(
+        env,
+        'AUTH_ACCESS_COOKIE_TTL_SECONDS',
+        7200,
+      ),
+      accessCookieSecure: readBoolean(
+        env,
+        'AUTH_ACCESS_COOKIE_SECURE',
+        readString(env, 'NODE_ENV', 'development') === 'production',
+      ),
+      accessCookieSameSite:
+        accessSameSite === 'None' || accessSameSite === 'Strict'
+          ? (accessSameSite as AppConfig['authSession']['accessCookieSameSite'])
+          : 'Lax',
+      accessCookiePath: readString(
+        env,
+        'AUTH_ACCESS_COOKIE_PATH',
+        '/',
+      ),
      refreshCookieName: readString(
        env,
        'AUTH_REFRESH_COOKIE_NAME',