auth config

packages/plugins/auth/config.json

@@ -5,6 +5,10 @@
         "properties": {
             "jwtSecret": {
                 "type": "string"
+            },
+            "cookie": {
+                "type": "object",
+                "additionalProperties": true
             }
         },
         "required": [

packages/plugins/auth/src/server/mmorpg.ts

@@ -15,8 +15,9 @@ declare module '@rpgjs/server' {
         auth(engine: RpgServerEngine, socket) {
             const { globalConfig } = engine
             const cookie = socket.request.headers.cookie
+            const cookieConfig = engine.globalConfig.auth?.cookie
             const { jwtSecret } = globalConfig.auth
-            const token = cookie?.split('rpg-token=')[1]?.split(';')[0]
+            const token = cookie?.split((cookieConfig?.name || 'rpg-token') + '=')[1]?.split(';')[0]
             if (!token) {
                 throw new Error('No token')
             }

packages/plugins/auth/src/server/web3/verify.ts

@@ -1,5 +1,6 @@
 
 import { SiweMessage } from 'siwe'
+import { RpgServerEngine, inject } from '@rpgjs/server'
 import z from 'zod'
 import jwt from 'jsonwebtoken'
 
@@ -14,6 +15,8 @@ interface AuthConfig {
 export function playerWeb3VerifyHandler(authConfig: AuthConfig) {
     return async (req, res, next) => {
         try {
+            const server = inject(RpgServerEngine)
+
             z.object({
                 message: z.object({
                     nonce: z.string(),
@@ -47,11 +50,14 @@ export function playerWeb3VerifyHandler(authConfig: AuthConfig) {
                 token
             }
 
+            const cookie = server.globalConfig.auth?.cookie
+
             // http only
-            res.cookie('rpg-token', token, {
+            res.cookie(cookie?.name || 'rpg-token', token, {
                 httpOnly: true,
                 maxAge: 1000 * 60 * 60 * 24 * 365,
                 secure: false,
+                ...(cookie || {})
             }).send(result)
 
         } catch (error) {