From 0dfc6c96ee82e6dfbfe0004acce736d3798c5826 Mon Sep 17 00:00:00 2001
From: Henry-Hiles <henry@henryhiles.com>
Date: Sun, 22 Jun 2025 15:04:10 -0400
Subject: [PATCH] Use cookie

---
 lib/helpers/api_helper.dart | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/lib/helpers/api_helper.dart b/lib/helpers/api_helper.dart
index 950a97e..026be21 100644
--- a/lib/helpers/api_helper.dart
+++ b/lib/helpers/api_helper.dart
@@ -73,16 +73,13 @@ class ApiHelper {
       return Response(400, body: "Token post failed");
     }
 
-    final uri = Uri.parse(redirectUri).replace(
-      queryParameters: {
-        ...Uri.parse(redirectUri).queryParameters,
-        ...(json.decode(await tokenRes.readAsString()) as Map).map(
-          (key, value) => MapEntry(key, value.toString()),
-        ),
+    return Response.found(
+      redirectUri,
+      headers: {
+        'set-cookie':
+            'id_token=${json.decode(await tokenRes.readAsString())["id_token"]}; Path=/; Secure; HttpOnly; SameSite=Lax',
       },
     );
-
-    return Response.found(uri.toString());
   }
 
   Future<Response> tokenHandler(Request request) async {
@@ -127,7 +124,6 @@ class ApiHelper {
         "id_token": token,
         "access_token": token,
         "token_type": "Bearer",
-        "expires_in": 600,
       }),
       headers: {"Content-Type": "application/json"},
     );