From 82ac820c6773df23ed61d6447146fb600e016d9b Mon Sep 17 00:00:00 2001 From: Ryan Kegel Date: Mon, 2 Mar 2026 16:01:54 -0500 Subject: [PATCH] Fixed issue with refresh token --- backend/api/auth_api.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/api/auth_api.py b/backend/api/auth_api.py index cf38307..07066b0 100644 --- a/backend/api/auth_api.py +++ b/backend/api/auth_api.py @@ -86,14 +86,14 @@ def _set_auth_cookies(resp, access_token: str, raw_refresh_token: str): 'refresh_token', raw_refresh_token, httponly=True, secure=True, samesite='Strict', max_age=expiry_days * 24 * 3600, - path='/auth', + path='/api/auth', ) def _clear_auth_cookies(resp): """Clear both access and refresh token cookies.""" resp.set_cookie('access_token', '', expires=0, httponly=True, secure=True, samesite='Strict') - resp.set_cookie('refresh_token', '', expires=0, httponly=True, secure=True, samesite='Strict', path='/auth') + resp.set_cookie('refresh_token', '', expires=0, httponly=True, secure=True, samesite='Strict', path='/api/auth') def _purge_expired_tokens(user_id: str):