From 949581d81c012322431a0ee62730ab9a7372223c Mon Sep 17 00:00:00 2001
From: Max Peintner
Date: Mon, 19 May 2025 14:41:57 +0200
Subject: [PATCH 1/2] fix: enfore secure for production environments
---
 apps/login/src/lib/cookies.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/apps/login/src/lib/cookies.ts b/apps/login/src/lib/cookies.ts
index 76f5580a16..28393f1321 100644
--- a/apps/login/src/lib/cookies.ts
+++ b/apps/login/src/lib/cookies.ts
@@ -31,7 +31,8 @@ async function setSessionHttpOnlyCookie(
 value: JSON.stringify(sessions),
 httpOnly: true,
 path: "/",
- sameSite,
+ sameSite: process.env.NODE_ENV === "production" ? sameSite : "lax",
+ secure: process.env.NODE_ENV === "production",
 });
 }
From 29eeef798ad10586bcd33a87a241ae905fca19b4 Mon Sep 17 00:00:00 2001
From: Max Peintner
Date: Mon, 19 May 2025 14:43:54 +0200
Subject: [PATCH 2/2] add NODE_ENV to turbo.json
---
 turbo.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/turbo.json b/turbo.json
index c8d8b18af3..d26bdd8f56 100644
--- a/turbo.json
+++ b/turbo.json
@@ -12,7 +12,8 @@
 "ZITADEL_API_URL",
 "ZITADEL_SERVICE_USER_TOKEN",
 "NEXT_PUBLIC_BASE_PATH",
- "CUSTOM_REQUEST_HEADERS"
+ "CUSTOM_REQUEST_HEADERS",
+ "NODE_ENV"
 ],
 "tasks": {
 "generate": {
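Review bot: The new `secure` flag in the cookie options of `setSessionHttpOnlyCookie` (whose body starts outside the hunk) fails open, because it is true only when `NODE_ENV` is exactly `"production"`. A deployment served over HTTPS with `NODE_ENV` unset or set to anything else, such as a staging build, still issues the sessions cookie without Secure. If plain-HTTP local development is the only case that needs a non-Secure cookie, invert the test so Secure is the default: `secure: process.env.NODE_ENV !== "development",`, with the `sameSite` ternary using the same condition. The non-production branch also replaces whatever the caller passed with `"lax"`, which would weaken a `"strict"` value if callers ever pass one. Computing the condition once and adding a comment such as `// SameSite=None is rejected by browsers without Secure, so fall back to "lax" when the cookie is not Secure` would make the intent clear.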