Merge branch 'dev' into auth

modules/auth/handlers/handlers.go

@@ -71,7 +71,7 @@ func (s Server) generateTokens(userID string) (accessToken string, refreshToken
 		//TODO: add created_at
 	}
 	at := jwt.NewWithClaims(jwt.SigningMethodHS256, accessClaims)
-	accessToken, err = at.SignedString(s.JwtPrivateKey)
+	accessToken, err = at.SignedString([]byte(s.JwtPrivateKey))
 	if err != nil {
 		return "", "", "", err
 	}
@@ -81,7 +81,7 @@ func (s Server) generateTokens(userID string) (accessToken string, refreshToken
 		"exp":     time.Now().Add(7 * 24 * time.Hour).Unix(),
 	}
 	rt := jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims)
-	refreshToken, err = rt.SignedString(s.JwtPrivateKey)
+	refreshToken, err = rt.SignedString([]byte(s.JwtPrivateKey))
 	if err != nil {
 		return "", "", "", err
 	}
@@ -150,7 +150,7 @@ func (s Server) PostSignIn(ctx context.Context, req auth.PostSignInRequestObject
 	ginCtx.SetSameSite(http.SameSiteStrictMode)
 	ginCtx.SetCookie("access_token", accessToken, 900, "/api", "", false, true)
 	ginCtx.SetCookie("refresh_token", refreshToken, 1209600, "/auth", "", false, true)
-	ginCtx.SetCookie("xsrf_token", csrfToken, 1209600, "/api", "", false, false)
+	ginCtx.SetCookie("xsrf_token", csrfToken, 1209600, "/", "", false, false)
 
 	result := auth.PostSignIn200JSONResponse{
 		UserId:   user.ID,