Move auth session persistence to true HttpOnly cookies
This commit is contained in:
Jage9
@@ -28,6 +28,7 @@ Notes:
|
||||
- Server bind/port defaults are `127.0.0.1:8765` unless changed in config or CLI flags.
|
||||
- Client dev defaults to Vite local host/port (`localhost:5173`) unless flags override.
|
||||
- Auth requires `CHGRID_AUTH_SECRET` in server environment; `deploy/scripts/install_server.sh` creates `server/.env` with this value automatically if missing.
|
||||
- Saved login/session persistence uses a server-set `HttpOnly` cookie (`chgrid_session_token`).
|
||||
|
||||
Common server overrides:
|
||||
- `uv run python main.py --config /path/to/config.toml`
|
||||
|
||||
Reference in New Issue
Block a user