From 3cde652d52985365d1daf370065753f54e765f9d Mon Sep 17 00:00:00 2001
From: Parker <contact@pkrm.dev>
Date: Fri, 8 Nov 2024 15:13:33 -0600
Subject: [PATCH] Set cookie on /refresh

---
 app/routes/auth_routes.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/routes/auth_routes.py b/app/routes/auth_routes.py
index cc7cc24..3054e22 100644
--- a/app/routes/auth_routes.py
+++ b/app/routes/auth_routes.py
@@ -58,6 +58,7 @@ async def login_for_access_token(
 @router.post("/refresh")
 async def refresh_access_token(
     current_user: Annotated[User, Depends(refresh_get_current_user)],
+    response: Response,
 ) -> Token:
     """
     Return a new access token if the refresh token is valid
@@ -67,7 +68,6 @@ async def refresh_access_token(
         data={"sub": current_user.id, "refresh": False},
         expires_delta=access_token_expires,
     )
-    return Token(
-        access_token=access_token,
-        token_type="bearer",
-    )
+    response = JSONResponse(content={"success": True})
+    response.set_cookie(key="access_token", value=access_token, httponly=True)
+    return response