scadalink-design

dohertj2/scadalink-design

Fork 0

Commit Graph

Author	SHA1	Message	Date
Joseph Doherty	579522c586	fix(security): make auth-cookie SecurePolicy configurable for HTTP-only deployments The cookie SecurePolicy was hard-coded to Always, so the auth cookie was always marked Secure and the browser never sent it over plain HTTP — making login impossible on the HTTP-only Docker dev cluster (login succeeded server-side but every following request was unauthenticated). Add SecurityOptions.RequireHttps- Cookie (default true — production stays HTTPS-only); when false the cookie uses SameAsRequest. The docker/ central nodes set it false.	2026-05-18 02:34:02 -04:00
Joseph Doherty	eb8d5ca2c0	feat: add Docker infrastructure for 8-node cluster topology (2 central + 3 sites) Multi-stage Dockerfile with NuGet restore layer caching, per-node appsettings with Docker hostnames, shared bridge network with infra services, and build/deploy/teardown scripts. Ports use 90xx block to avoid conflicts.	2026-03-17 22:12:50 -04:00

Author

SHA1

Message

Date

Joseph Doherty

579522c586

fix(security): make auth-cookie SecurePolicy configurable for HTTP-only deployments

The cookie SecurePolicy was hard-coded to Always, so the auth cookie was always
marked Secure and the browser never sent it over plain HTTP — making login
impossible on the HTTP-only Docker dev cluster (login succeeded server-side but
every following request was unauthenticated). Add SecurityOptions.RequireHttps-
Cookie (default true — production stays HTTPS-only); when false the cookie uses
SameAsRequest. The docker/ central nodes set it false.

2026-05-18 02:34:02 -04:00

Joseph Doherty

eb8d5ca2c0

feat: add Docker infrastructure for 8-node cluster topology (2 central + 3 sites)

Multi-stage Dockerfile with NuGet restore layer caching, per-node appsettings
with Docker hostnames, shared bridge network with infra services, and
build/deploy/teardown scripts. Ports use 90xx block to avoid conflicts.

2026-03-17 22:12:50 -04:00

2 Commits