From 10c6c807bf7781c195a031ada1a6dd257efd4034 Mon Sep 17 00:00:00 2001
From: orhtej2 <2871798+orhtej2@users.noreply.github.com>
Date: Tue, 26 Mar 2024 01:04:43 +0100
Subject: [PATCH] Return auth cookie valid for whole main domain.

---
 src/authenticators/ldap_ynhuser.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/authenticators/ldap_ynhuser.py b/src/authenticators/ldap_ynhuser.py
index 31378526d..8a5fef9d4 100644
--- a/src/authenticators/ldap_ynhuser.py
+++ b/src/authenticators/ldap_ynhuser.py
@@ -199,6 +199,7 @@ class Authenticator(BaseAuthenticator):
             path="/",
             # Doesn't this cause issues ? May cause issue if the portal is on different subdomain than the portal API ? Will surely cause issue for development similar to CORS ?
             samesite="strict" if not is_dev else None,
+            domain=f".{request.get_header('host')}",
         )
 
         # Create the session file (expiration mechanism)