From afc8cf7dfa28bf704899c4a88097c90ae6cb7650 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BA=84=E5=BB=BA=E5=9B=BD?= <9340100@qq.com>
Date: Mon, 9 Dec 2024 13:19:01 +0000
Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=20samesite=3Dnone=20cookie?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .env | 4 +++-
 packages/utils/src/cookies.ts | 7 +++++--
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/.env b/.env
index f2e8c88283..7fd9388c6d 100644
--- a/.env
+++ b/.env
@@ -39,4 +39,6 @@ STEEDOS_AMIS_URL=
 # 资产包
 STEEDOS_UNPKG_URL=
-STEEDOS_PUBLIC_PAGE_ASSETURLS=
\ No newline at end of file
+STEEDOS_PUBLIC_PAGE_ASSETURLS=
+
+STEEDOS_AUTH_COOKIES_USE_SAMESITE=None
diff --git a/packages/utils/src/cookies.ts b/packages/utils/src/cookies.ts
index 2c3bf55195..8951277c7c 100644
--- a/packages/utils/src/cookies.ts
+++ b/packages/utils/src/cookies.ts
@@ -14,7 +14,7 @@ function getSubdomain(host) {
 }
 export function setCookie(req, res, name, value, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
- const cookies = new Cookies(req, res);
+ const cookies = new Cookies(req, res, {secure: true});
 const host = req.headers.host;
 if(host && useSubdomainCookies && psl.isValid(host)){
 const domain = getSubdomain(host);
@@ -23,13 +23,16 @@ export function setCookie(req, res, name, value, options = {domain: null, maxAge
 if(sameSite){
 (options as any).sameSite = sameSite;
+ if (sameSite === 'None') {
+ (options as any).secure = true;
+ }
 }
 cookies.set(name, value, options);
 }
 export function clearCookie(req, res, name, options = {domain: null, maxAge: 0, httpOnly: true, overwrite: true}) {
- const cookies = new Cookies(req, res);
+ const cookies = new Cookies(req, res, {secure: true});
 const host = req.headers.host;
 if(host && useSubdomainCookies && psl.isValid(host)){
 const domain = getSubdomain(host);
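Review bot: The added `STEEDOS_AUTH_COOKIES_USE_SAMESITE=None` line enables cross-site sending of the auth cookies for every deployment that inherits this `.env`, and no comment explains the consequence. With `SameSite=None` the browser attaches the cookie to requests initiated by other sites, so the default `Lax` protection against cross-site request forgery no longer applies and the server must rely on its own CSRF tokens or Origin checks. If this file is the shipped default (inferred, not visible here), I would leave the value empty and document the opt-in, e.g. `# Set to None only when Steedos is embedded cross-site over HTTPS; requires CSRF protection` above `STEEDOS_AUTH_COOKIES_USE_SAMESITE=`.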
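Review bot: Passing `{secure: true}` to the `Cookies` constructor in `setCookie` applies to every request, not only when `sameSite` is `'None'`. If `Cookies` is the `cookies` npm package (the import is outside the hunk), this option declares the connection encrypted instead of inspecting the request, and `set()` then defaults each cookie's `Secure` attribute to true, so a deployment served over plain HTTP would emit cookies that browsers generally refuse to store. Consider limiting the override to the case that needs it, e.g. `new Cookies(req, res, {secure: sameSite === 'None' ? true : undefined})` (assuming `sameSite` is already in scope at that point), or deriving it from a trusted proxy header. The same constructor change is made in `clearCookie` in the next hunk; `setCookie`'s body continues outside this hunk.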
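Review bot: The new guard `if (sameSite === 'None')` in `setCookie` is case-sensitive, so a configured value of `none` or `NONE` would set `sameSite` without explicitly forcing `secure`. Browsers reject `SameSite=None` cookies that lack `Secure`, so the check is safer written as `if (String(sameSite).toLowerCase() === 'none') {`. The visible part of `clearCookie` does not show whether it applies the same `sameSite`/`secure` options, and its body ends outside the hunk. Confirm the clearing cookie carries matching attributes, otherwise the browser may discard it and the original cookie would survive logout.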