IsaacIsrael · IsaacIsrael · Apr 26, 2026 · Apr 24, 2026 · Apr 24, 2026 · Apr 24, 2026
diff --git a/.eslintrc.json b/.eslintrc.json
diff --git a/eslint.config.mjs b/eslint.config.mjs
@@ -0,0 +1,52 @@
+import js from "@eslint/js";
+import globals from "globals";
+import json from "@eslint/json";
+import markdown from "@eslint/markdown";
+import css from "@eslint/css";
+import { defineConfig } from "eslint/config";
+import nextVitals from "eslint-config-next/core-web-vitals";
+import jest from "eslint-plugin-jest";
+import prettier from "eslint-config-prettier/flat";
+
+export default defineConfig([
+  {
+    files: ["**/*.{js,mjs,cjs,jsx}"],
+    plugins: { js },
+    extends: ["js/recommended"],
+    languageOptions: { globals: { ...globals.browser, ...globals.node } },
+  },
+  ...nextVitals,
+  { files: ["tests/**/*.test.js"], ...jest.configs["flat/recommended"] },
+  {
+    files: ["**/*.json"],
+    plugins: { json },
+    language: "json/json",
+    extends: ["json/recommended"],
+    ignores: ["package-lock.json"],
+  },
+  {
+    files: ["**/*.jsonc"],
+    plugins: { json },
+    language: "json/jsonc",
+    extends: ["json/recommended"],
+  },
+  {
+    files: ["**/*.json5"],
+    plugins: { json },
+    language: "json/json5",
+    extends: ["json/recommended"],
+  },
+  {
+    files: ["**/*.md"],
+    plugins: { markdown },
+    language: "markdown/gfm",
+    extends: ["markdown/recommended"],
+  },
+  {
+    files: ["**/*.css"],
+    plugins: { css },
+    language: "css/css",
+    extends: ["css/recommended"],
+  },
+  prettier,
+]);
diff --git a/infra/controller.js b/infra/controller.js
@@ -38,17 +38,18 @@ function onErrorHandler(error, request, response) {
   response.status(publicErrorObject.statusCode).json(publicErrorObject);
 }
 
-async function setSessionCookie(sessionToken, response) {
+function setSessionCookie(sessionToken, response) {
   const setCookie = cookie.serialize("session_id", sessionToken, {
     path: "/",
     maxAge: session.EXPIRATION_IN_MILLISECONDS / 1000,
     secure: process.env.NODE_ENV === "production",
     httpOnly: true,
+    sameSite: "lax",
   });
   response.setHeader("Set-Cookie", setCookie);
 }
 
-async function clearSessionCookie(response) {
+function clearSessionCookie(response) {
   const setCookie = cookie.serialize("session_id", "invalid", {
     path: "/",
     maxAge: -1,

diff --git a/infra/webserver.js b/infra/webserver.js
@@ -1,8 +1,5 @@
 function getOrigin() {
-  if (
-    ["development", "test"].includes(process.env.NODE_ENV) &&
-    !process.env.CODESPACES
-  ) {
+  if (["development", "test"].includes(process.env.NODE_ENV)) {
     return "http://localhost:3000";
   }
 

diff --git a/models/authentication.js b/models/authentication.js
@@ -2,7 +2,7 @@ import user from "models/user";
 import password from "models/password";
 import { NotFoundError, UnauthorizedError } from "infra/errors";
 
-async function getAuthenticatedUser(providerEmail, providerPassword) {
+async function getUser(providerEmail, providerPassword) {
   try {
     const storedUser = await findOneByEmail(providerEmail);
     await validatePassword(providerPassword, storedUser.password);
@@ -51,7 +51,7 @@ async function getAuthenticatedUser(providerEmail, providerPassword) {
 }
 
 const authentication = {
-  getAuthenticatedUser,
+  getUser,
 };
 
 export default authentication;