From 2a0b62d26dd253779c0e02933259cf3fe35c5c99 Mon Sep 17 00:00:00 2001
From: nico <nico@lifeisabug.com>
Date: Thu, 22 Nov 2018 18:09:04 +0100
Subject: [PATCH] Fix #3343 (#3383)

Setting "X-Forwarded-Proto: https" in the SSL proxy is the correct way to do this
---
 src/server/api/common/signin.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts
index 8d44b377fe..3a5ba0ea04 100644
--- a/src/server/api/common/signin.ts
+++ b/src/server/api/common/signin.ts
@@ -9,8 +9,8 @@ export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) {
 		path: '/',
 		domain: config.hostname,
 		// SEE: https://github.com/koajs/koa/issues/974
-		//secure: config.url.startsWith('https'),
-		secure: false,
+		// When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header
+		secure: config.url.startsWith('https'),
 		httpOnly: false,
 		expires: new Date(Date.now() + expires),
 		maxAge: expires