fix: enfore secure for production environments

2025-08-12 11:07:32 +00:00 · 2025-05-19 14:41:57 +02:00
parent a4d703362f
commit 949581d81c
1 changed files with 2 additions and 1 deletions
--- a/apps/login/src/lib/cookies.ts
+++ b/apps/login/src/lib/cookies.ts
@@ -31,7 +31,8 @@ async function setSessionHttpOnlyCookie<T>(
    value: JSON.stringify(sessions),
    httpOnly: true,
    path: "/",
-    sameSite,
+    sameSite: process.env.NODE_ENV === "production" ? sameSite : "lax",
+    secure: process.env.NODE_ENV === "production",
  });
 }