default cookies to insecure for development

FamilySearch · Mar 3, 2017 · abcf6a9 · abcf6a9
1 parent c631dcb
commit abcf6a9
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 1 deletion.
diff --git a/app.js b/app.js
@@ -3,6 +3,7 @@ var path = require('path');
 var favicon = require('serve-favicon');
 var logger = require('morgan');
 var session = require('express-session');
+var config = require('config');
 
 var app = express();
 
@@ -27,7 +28,7 @@ app.use(session({
   secret: 'pedigree browser session secret',
   resave: false,
   saveUninitialized: false,
-  cookie: { secure: true }
+  cookie: { secure: config.get('session.cookie.secure') }
 }));
 
 // Use morgan to log all incoming requests. Defaults to Apache style logs.

diff --git a/config/default.json b/config/default.json
@@ -2,5 +2,10 @@
   "FS": {
     "environment": "integration",
     "appKey": "a02j000000KTRjpAAH"
+  },
+  "session": {
+    "cookie": {
+      "secure": false
+    }
   }
 }
diff --git a/config/production.json b/config/production.json
@@ -1,5 +1,10 @@
 {
   "FS": {
     "environment": "production"
+  },
+  "session": {
+    "cookie": {
+      "secure": true
+    }
   }
 }