From 17de23771f0019cde2a4a80053f01433a0de51e0 Mon Sep 17 00:00:00 2001 From: Carl Sixsmith Date: Thu, 15 Aug 2024 11:29:26 +0100 Subject: [PATCH] This hotfix allows us to turn on and off secure cookies --- src/Infrastructure/DependencyInjection.cs | 9 ++++++++- src/Server.UI/appsettings.json | 3 ++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/Infrastructure/DependencyInjection.cs b/src/Infrastructure/DependencyInjection.cs index 4c2c6e1c..f053e941 100644 --- a/src/Infrastructure/DependencyInjection.cs +++ b/src/Infrastructure/DependencyInjection.cs @@ -308,10 +308,17 @@ private static IServiceCollection AddAuthenticationService(this IServiceCollecti services.AddSingleton(); + CookieSecurePolicy policy = CookieSecurePolicy.SameAsRequest; + if(configuration["IdentitySettings:SecureCookies"] is not null && configuration["IdentitySettings:SecureCookies"]!.Equals("True", StringComparison.CurrentCultureIgnoreCase)) + { + policy = CookieSecurePolicy.Always; + } + + services.ConfigureApplicationCookie(options => { options.LoginPath = "/pages/authentication/login"; options.Cookie.SameSite = SameSiteMode.Strict; - options.Cookie.SecurePolicy = CookieSecurePolicy.SameAsRequest; + options.Cookie.SecurePolicy = policy; }); services diff --git a/src/Server.UI/appsettings.json b/src/Server.UI/appsettings.json index 41383042..5296281c 100644 --- a/src/Server.UI/appsettings.json +++ b/src/Server.UI/appsettings.json @@ -70,7 +70,8 @@ "RequireUpperCase": true, "RequireLowerCase": true, "DefaultLockoutTimeSpan": 30, - "MaxFailedAccessAttempts": 5 + "MaxFailedAccessAttempts": 5, + "SecureCookies": true }, "Notify": { "ApiKey": "",
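Review bot: The new toggle in `AddAuthenticationService` fails open: when `IdentitySettings:SecureCookies` is absent, misspelled, or holds anything other than "True", the policy silently stays at `CookieSecurePolicy.SameAsRequest`, so the authentication cookie is issued without the Secure attribute on any plain-HTTP request. A safer shape is to default to `Always` and make the downgrade the explicit opt-out, e.g. `var policy = configuration.GetValue("IdentitySettings:SecureCookies", true) ? CookieSecurePolicy.Always : CookieSecurePolicy.SameAsRequest;`, which also fails on an unparsable value rather than quietly downgrading. If the hand-written string comparison is kept, `StringComparison.OrdinalIgnoreCase` suits a machine-readable setting better than `CurrentCultureIgnoreCase`. The `appsettings.json` hunk ships `"SecureCookies": true`, but any environment override file that omits the key or sets it to false lands on the insecure branch, so a comment next to the check such as `// SameAsRequest is for local HTTP development only` would help. The function body starts and ends outside this hunk, so whether anything later overrides the cookie options cannot be confirmed from here.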