sso-bsn/lib/sso_bsn_web/endpoint.ex

defmodule SsoBsnWeb.Endpoint do
  use Phoenix.Endpoint, otp_app: :sso_bsn

  # The session will be stored in the cookie and signed,
  # this means its contents can be read but not tampered with.
  # Set :encryption_salt if you would also like to encrypt it.
  @session_options [
    store: :cookie,
    key: "_sso_bsn_key",
    signing_salt: "2YoB6zeO",
    same_site: "Lax"
  ]

  def domain(), do: Application.get_env(:sso_bsn, :session_domain)
  def session_options(opts),
    do: Keyword.put(opts, :domain, domain())

  defmodule RuntimeDomainSession do
    def init(opts), do: Plug.Session.init(opts)

    def call(conn, opts) do
      Plug.Session.call(conn, opts |> Map.update(:cookie_opts, [], &(Keyword.put(&1, :domain, SsoBsnWeb.Endpoint.domain()))))
    end
  end

  socket "/live", Phoenix.LiveView.Socket,
    websocket: [connect_info: [session: {__MODULE__, :session_options, [@session_options]}]]

  # Serve at "/" the static files from "priv/static" directory.
  #
  # You should set gzip to true if you are running phx.digest
  # when deploying your static files in production.
  plug Plug.Static,
    at: "/",
    from: :sso_bsn,
    gzip: true,
    only: SsoBsnWeb.static_paths()

  # Code reloading can be explicitly enabled under the
  # :code_reloader configuration of your endpoint.
  if code_reloading? do
    socket "/phoenix/live_reload/socket", Phoenix.LiveReloader.Socket
    plug Phoenix.LiveReloader
    plug Phoenix.CodeReloader
    plug Phoenix.Ecto.CheckRepoStatus, otp_app: :sso_bsn
  end

  plug Phoenix.LiveDashboard.RequestLogger,
    param_key: "request_logger",
    cookie_key: "request_logger"

  plug Plug.RequestId
  plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]

  plug Plug.Parsers,
    parsers: [:urlencoded, :multipart, :json],
    pass: ["*/*"],
    json_decoder: Phoenix.json_library()

  plug Plug.MethodOverride
  plug Plug.Head
  plug RuntimeDomainSession, @session_options
  plug SsoBsnWeb.Router
end