feat(core): Enable to change the name of the cookie for Admin API

[gdarchen]

Issue

Fixes #2481

Description

In this PR, I added a new authOptions.adminCookieName optional parameter in the Vendure config.
It makes it possible to give a custom name to the token set for the Admin API than the one given to the Shop API.

For now, here is the cookie naming behavior:

• If not setting the authOptions.cookieOptions.name parameter:
  • Both the Admin API and Shop API cookies names will be the default one: 'session'
• If setting the authOptions.cookieOptions.name parameter to something like 'cookie-name':
  • Both the Admin API and Shop API cookies names will be the configured one: 'cookie-name'

There is currently no way to give a custom name to the Admin API cookies, different from the Shop API ones.

With this changes, we can therefore set different cookies names for both APIs.

How to test

1. In the dev-config.ts, change the authOptions as follows to name Shop API cookies shop-api and shop-api.sign, and the Admin API cookies admin-api and admin-api.sig:

    authOptions: {
        disableAuth: false,
        tokenMethod: ['bearer', 'cookie'] as const,
        requireVerification: true,
        customPermissions: [],
        cookieOptions: {
            name: "shop-api",
            secret: 'abc',
        },
        adminCookieName: 'admin-api'
    },

2. Start the dev-server
3. Open the GraphQL playground on the /admin-api and authenticate
4. You should see the following cookies
   
5. Open the GraphQL playground on the /shop-api and authenticate
6. You should now see the following cookies
   

[netlify]

✅ Deploy Preview for effervescent-donut-4977b2 ready!

Name	Link
🔨 Latest commit	203fd90
🔍 Latest deploy log	https://app.netlify.com/sites/effervescent-donut-4977b2/deploys/653ba2ead7cbc6000850026f
😎 Deploy Preview	https://deploy-preview-2482--effervescent-donut-4977b2.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[michaelbromley]

I have a deep-seated aversion to adding new config properties to the Vendure config object. So here's another suggestion:

what if we change the type of the existing cookieOptions.name property to:

{
  name: string | { shop: string; admin: string; }
}

Internally the implementation could be similar, but just check the type of this property.

[gdarchen]

I have a deep-seated aversion to adding new config properties to the Vendure config object. So here's another suggestion:

what if we change the type of the existing cookieOptions.name property to:

{
  name: string | { shop: string; admin: string; }
}

Internally the implementation could be similar, but just check the type of this property.

Done in ead93f1 (#2482)

I tested locally using the GraphQL Playgrounds and it seems to work as expected 😊

[michaelbromley]

Thanks, it looks good. I just suggested a small refactor to avoid duplication in the testing package and make maintenance easier.

Also I think this should go on the minor branch because it's a new API being added.

[michaelbromley]

Thank you!

[gdarchen]

Hello @michaelbromley (and happy new year, it's allowed since we are still in January 🎉!),

Do you have an estimated release date of the future [email protected] including this change?
This is really awaited by our admins ☺️

[michaelbromley]

Hi,
No fixed date, but I'd like to get it released in February. In the mean time you could consider using the @next release (currently 2.2.0-next.1) which already includes this feature.

[daniel-lxs]

Is this feature released? or is it still pending?

[michaelbromley]

final release of v2.2 will be next week