Do not store JWT in document.cookie

lib/www/client/source/src/store/modules/user/actions.js

@@ -25,20 +25,22 @@ async function login ({ commit, dispatch }, loginRequest) {
 async function logout ({ commit, dispatch }) {
   commit('setToken', null);
   commit('setUser', null);
-  commit('setCookie', {value: null});
   await dispatch('api', ["/logout"]);
   commit('setPreferences', {});
 }
 
 function setCookie(context, {name, value, expiry, path}) {
-  if (!name) name = "JWT";
   if (!path) path = "/";
   if (!value) value = "";
 
-  if (expiry) {
-    document.cookie = `${name}=${value}; expiry=${(new Date(expiry)).toUTCString()}; path=${path}`;
+  if (name) {
+    if (expiry) {
+      document.cookie = `${name}=${value}; expiry=${(new Date(expiry)).toUTCString()}; path=${path}`;
+    } else {
+      document.cookie = `${name}=${value}; path=${path}`;
+    }
   } else {
-    document.cookie = `${name}=${value}; path=${path}`;
+    console.warn(`seCookie: You must supply a name`);
   }
 }
 
@@ -60,17 +62,6 @@ function setCredentials({ state, commit, getters, dispatch, rootState }, { force
       commit('setToken', tokenValue);
       commit('setUser', decoded ? new User(decoded, rootState.api.api) : null);
 
-      if (tokenValue && decoded) {
-        if (decoded?.exp) {
-          dispatch('setCookie', {value: tokenValue, expiry: decoded.exp*1000});
-        } else {
-          dispatch('setCookie', {value: tokenValue});
-        }
-      } else {
-        // Clear the cookie
-        dispatch('setCookie', {value: "", expiry: 0});
-      }
-
       console.log('Credentials refreshed at', new Date().toISOString());
     } else {
       console.log('JWT unchanged, skipping update');

lib/www/client/source/src/store/modules/user/getters.js

@@ -7,12 +7,6 @@ function jwt (state) {
   return state.token;
 }
 
-function cookie (state) {
-  if (state.token) {
-    return "JWT="+token;
-  }
-}
-
 function preferences (state) {
   return state.preferences;
 }