From 41972702c5476e86c3db7b0a7942c898c7dadcc3 Mon Sep 17 00:00:00 2001
From: Daven Quinn <code@davenquinn.com>
Date: Sat, 19 Oct 2024 01:19:20 -0500
Subject: [PATCH] Attempt to fix tokens again

---
 api/routes/security.py | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/api/routes/security.py b/api/routes/security.py
index 32b658c..b93f5db 100644
--- a/api/routes/security.py
+++ b/api/routes/security.py
@@ -332,13 +332,26 @@ async def redirect_callback(code: str, state: Optional[str] = None):
             #         samesite="lax",
             #     )
             # else:
-            response.set_cookie(
-                access_token_key,
-                f"Bearer {access_token}",
-                domain=domain,
-                httponly=True,
-                samesite="lax",
-            )
+
+            if "localhost" in redirect_domain:
+                # Adjust host header to localhost
+                response.headers["host"] = redirect_domain
+                response.set_cookie(
+                    access_token_key,
+                    f"Bearer {access_token}",
+                    domain="localhost",
+                    httponly=True,
+                    samesite="lax",
+                )
+
+            else:
+                response.set_cookie(
+                    access_token_key,
+                    f"Bearer {access_token}",
+                    domain=domain,
+                    httponly=True,
+                    samesite="lax",
+                )
 
             return response