SUPPORT-8427: Fix

backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java

@@ -192,12 +192,17 @@ public class EsiaAuthService {
 
       EsiaAccessToken esiaAccessToken = ulDataService.readToken(accessToken);
       Token token = jwtTokenService.createAccessToken(esiaAccessToken.getSbj_id(), tokenResponse.getExpires_in());
-      Cookie isAuthToken = new Cookie("auth_token", token.getValue());
-      isAuthToken.setPath("/");
-      response.addCookie(isAuthToken);
+      Cookie authToken = new Cookie("auth_token", token.getValue());
+      authToken.setPath("/");
+      authToken.setHttpOnly(true);
+      response.addCookie(authToken);
       SecurityContextHolder.getContext()
           .setAuthentication(
               new UsernamePasswordAuthenticationToken(esiaAccessToken.getSbj_id(), null));
+
+      Cookie isAuth = new Cookie("is_auth", "true");
+      isAuth.setPath("/");
+      response.addCookie(isAuth);
       return true;
     }
     catch (Exception e) {
@@ -276,12 +281,17 @@ public class EsiaAuthService {
       response.addCookie(cookieRefresh);
       EsiaAccessToken esiaAccessToken = ulDataService.readToken(accessToken);
       Token token = jwtTokenService.createAccessToken(esiaAccessToken.getSbj_id(), tokenResponse.getExpires_in());
-      Cookie isAuthToken = new Cookie("auth_token", token.getValue());
-      isAuthToken.setPath("/");
-      response.addCookie(isAuthToken);
+      Cookie authToken = new Cookie("auth_token", token.getValue());
+      authToken.setPath("/");
+      authToken.setHttpOnly(true);
+      response.addCookie(authToken);
       SecurityContextHolder.getContext()
           .setAuthentication(
               new UsernamePasswordAuthenticationToken(esiaAccessToken.getSbj_id(), null));
+
+      Cookie isAuth = new Cookie("is_auth", "true");
+      isAuth.setPath("/");
+      response.addCookie(isAuth);
     }
     catch (Exception e) {
       throw new RuntimeException(e);
@@ -326,7 +336,7 @@ public class EsiaAuthService {
       if (cookies != null)
         for (Cookie cookie : cookies) {
           if (cookie.getName().equals("auth_token") || cookie.getName().equals("refresh_token")
-              || cookie.getName().equals("access_token")) {
+              || cookie.getName().equals("access_token") || cookie.getName().equals("is_auth")) {
             cookie.setValue("");
             cookie.setPath("/");
             cookie.setMaxAge(0);

frontend/src/ts/esia/OrgDataRoot.ts

@@ -15,7 +15,7 @@ export class OrgDataRoot extends Behavior{
     let orgScripts: OrgData[] = this.container.getScriptsInThisAndChildren(OrgData);
     let httpClient = this.injector.get(HttpClient);
     let cookieService = this.injector.get(CookieService);
-    if (cookieService.get("auth_token")) {
+    if (cookieService.get("is_auth")) {
       httpClient.get<OrgInfoModel>("esia/org")
           .toPromise()
           .then(orgInfoModel => {

frontend/src/ts/modules/app/component/logout.component.ts

@@ -43,7 +43,7 @@ export class LogOutComponent implements OnInit{
   }
 
   public getIsAuth(): boolean {
-    return this.cookieService.get("auth_token") != null;
+    return this.cookieService.get("is_auth") != null;
   }
 
   public getOrgUnitName(): string {

frontend/src/ts/modules/security/guard/auth.guard.ts

@@ -56,6 +56,6 @@ export abstract class AuthGuard implements CanActivate {
   };
 
   public getIsAuth(): string {
-    return this.cookieService.get('auth_token');
+    return this.cookieService.get('is_auth');
   }
 }