From ce2682f6ccaa0b5b30febe18488d5be0326d911a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristijan=20Kora=C4=87?=
Date: Thu, 27 Jan 2022 11:25:36 +0100
Subject: [PATCH 1/2] feat: enable setting domain explicitly

---
 src/api/loginHandler.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/api/loginHandler.ts b/src/api/loginHandler.ts
index 222591f..a3ccc10 100644
--- a/src/api/loginHandler.ts
+++ b/src/api/loginHandler.ts
@@ -11,6 +11,7 @@ interface PasswordProtectHandlerOptions {
 cookieName?: string;
 cookieSameSite?: boolean | 'lax' | 'none' | 'strict';
 cookieSecure?: boolean;
+ domain?: string;
 }

 export const loginHandler = (
@@ -40,6 +41,7 @@ export const loginHandler = (
 */
 jwt.sign({}, password),
 {
+ domain: options?.domain,
 httpOnly: true,
 sameSite: options?.cookieSameSite || false,
 secure:
From ac384e2c3bdaab5f117c3f223675f7c762ad4fd0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristijan=20Kora=C4=87?=
Date: Thu, 27 Jan 2022 11:30:27 +0100
Subject: [PATCH 2/2] test: setting the cookie domain

---
 src/api/__tests__/loginHandler.test.ts | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/api/__tests__/loginHandler.test.ts b/src/api/__tests__/loginHandler.test.ts
index fb2013f..3ab4da3 100644
--- a/src/api/__tests__/loginHandler.test.ts
+++ b/src/api/__tests__/loginHandler.test.ts
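Review bot: The new `domain` option in `PasswordProtectHandlerOptions` (first hunk of `src/api/loginHandler.ts`) breaks the naming pattern of its neighbours `cookieName`, `cookieSameSite` and `cookieSecure`, and carries no comment saying what it controls. `cookieDomain?: string;` would read consistently. Failing that, a doc comment on the field would help, for example `/** Domain attribute of the auth cookie; when set, the cookie is also sent to every subdomain. Leave unset for a host-only cookie. */`. The interface starts above the hunk, so any existing per-option documentation is not visible here.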
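Review bot: Passing `domain: options?.domain` in the cookie options (second hunk of `src/api/loginHandler.ts`) widens the scope of the auth cookie, whose value is `jwt.sign({}, password)`. Instead of being host-only, it is sent to the configured domain and all of its subdomains, so every sibling host receives a token that grants access. The value is forwarded as given, and whether the cookie serializer rejects a malformed domain is not visible in this hunk. The commit touches only the login path. If the package clears this cookie elsewhere (no logout code is shown), that code presumably needs the same `domain`, since a browser only replaces a cookie whose Domain and Path match. A comment on the new line would record this, e.g. `// Domain shares the auth cookie with all subdomains; clear it with the same domain.` The options object and `loginHandler` both continue outside the hunk.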
@@ -73,6 +73,25 @@ describe('[api] loginHandler', () => {
 jest.restoreAllMocks();
 });

+ it('should set the domain if configured', async () => {
+ const { req, res } = createMocks(
+ { method: 'POST', body: { password: 'password' } },
+ { eventEmitter: EventEmitter },
+ );
+
+ const domain = 'storyofams.com';
+ await loginHandler('password', { domain })(req, res);
+
+ expect(res._getStatusCode()).toBe(200);
+ expect(res._getHeaders()).toMatchObject({
+ 'set-cookie': expect.stringMatching(
+ new RegExp(
+ `^next-password-protect=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\\..+\\..+; Domain=${domain}; Path=\\/; HttpOnly$`,
+ ),
+ ),
+ });
+ });
+
 it('should reject on incorrect password', async () => {
 const { req, res } = createMocks(
 { method: 'POST', body: { password: 'incorrect' } },
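Review bot: The `RegExp` in the new test interpolates `${domain}` unescaped, so the `.` in `storyofams.com` matches any character and the assertion would also accept a header carrying `Domain=storyofamsXcom`. Escaping the value before interpolation, `domain.replace(/\./g, '\\.')`, makes the pattern match the literal domain. Since the pattern ends at `HttpOnly$`, it also pins that neither `Secure` nor `SameSite` is emitted in this configuration; a one-line comment such as `// default options: no Secure/SameSite expected` would show that this is intended.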