From 7f0d8b63f97f87f00132390f6388a6be60395d38 Mon Sep 17 00:00:00 2001
From: Sebastian Serth <Sebastian.Serth@hpi.de>
Date: Sat, 3 Sep 2022 10:50:29 +0200
Subject: [PATCH] Use Cookie Prefix in Production and Staging

---
 config/initializers/session_store.rb | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 55ea37a8..b1fae6e4 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -2,8 +2,19 @@
 
 # Be sure to restart your server when you modify this file.
 
+def self.cookie_prefix
+  if (Rails.env.production? || Rails.env.staging?) \
+    && Rails.application.config.relative_url_root == '/'
+    '__Host-'
+  elsif Rails.env.production? || Rails.env.staging?
+    '__Secure-'
+  else
+    ''
+  end
+end
+
 Rails.application.config.session_store :cookie_store,
-  key: '_code_ocean_session',
+  key: "#{cookie_prefix}CodeOcean-Session",
   expire_after: 1.month,
   secure: Rails.env.production? || Rails.env.staging?,
   path: Rails.application.config.relative_url_root,