fix tests by disabling secure connections in TEST environment

Author: akselotti

src/lib/api/secondary-emails.remote.ts

@@ -112,7 +112,7 @@ export const reverifySecondaryEmailForm = form(
       expires: otp.expiresAt,
       path: "/",
       httpOnly: true,
-      secure: !dev,
+      secure: !dev && !env.TEST,
       sameSite: "lax",
     });
 
@@ -121,7 +121,7 @@ export const reverifySecondaryEmailForm = form(
       expires: otp.expiresAt,
       path: "/",
       httpOnly: true,
-      secure: !dev,
+      secure: !dev && !env.TEST,
       sameSite: "lax",
     });
 
@@ -196,7 +196,7 @@ export const addSecondaryEmailForm = form(addSecondaryEmailSchema, async ({ emai
       expires: otp.expiresAt,
       path: "/",
       httpOnly: true,
-      secure: !dev,
+      secure: !dev && !env.TEST,
       sameSite: "lax",
     });
 
@@ -205,7 +205,7 @@ export const addSecondaryEmailForm = form(addSecondaryEmailSchema, async ({ emai
       expires: otp.expiresAt,
       path: "/",
       httpOnly: true,
-      secure: !dev,
+      secure: !dev && !env.TEST,
       sameSite: "lax",
     });
 

src/lib/server/auth/email.ts

@@ -5,6 +5,7 @@ import { encodeBase32LowerCaseNoPadding } from "@oslojs/encoding";
 import * as table from "$lib/server/db/schema";
 import { eq } from "drizzle-orm";
 import { dev } from "$app/environment";
+import { env } from "$lib/server/env";
 import { sendMemberEmail } from "$lib/server/emails";
 
 import type { EmailOTP } from "$lib/server/db/schema";
@@ -18,7 +19,7 @@ export function setEmailCookie(event: RequestEvent, email: string, expiresAt: Da
     expires: expiresAt,
     path: "/",
     httpOnly: true,
-    secure: !dev,
+    secure: !dev && !env.TEST,
     sameSite: "lax",
   });
 }
@@ -87,7 +88,7 @@ export function setEmailOTPCookie(event: RequestEvent, otp: EmailOTP): void {
   event.cookies.set(emailOTPCookieName, otp.id, {
     httpOnly: true,
     path: "/",
-    secure: !dev,
+    secure: !dev && !env.TEST,
     sameSite: "lax",
     expires: otp.expiresAt,
   });
@@ -97,7 +98,7 @@ export function deleteEmailOTPCookie(event: RequestEvent): void {
   event.cookies.delete(emailOTPCookieName, {
     httpOnly: true,
     path: "/",
-    secure: !dev,
+    secure: !dev && !env.TEST,
     sameSite: "lax",
     maxAge: 0,
   });

src/lib/server/auth/session.ts

@@ -3,6 +3,7 @@ import { eq } from "drizzle-orm";
 import { sha256 } from "@oslojs/crypto/sha2";
 import { encodeBase64url, encodeHexLowerCase } from "@oslojs/encoding";
 import { dev } from "$app/environment";
+import { env } from "$lib/server/env";
 import { db } from "$lib/server/db";
 import * as table from "$lib/server/db/schema";
 const DAY_IN_MS = 1000 * 60 * 60 * 24;
@@ -78,7 +79,7 @@ export function setSessionTokenCookie(event: RequestEvent, token: string, expire
     expires: expiresAt,
     path: "/",
     httpOnly: true,
-    secure: !dev,
+    secure: !dev && !env.TEST,
     sameSite: "lax",
   });
 }