From 949581d81c012322431a0ee62730ab9a7372223c Mon Sep 17 00:00:00 2001
From: Max Peintner <peintnerm@gmail.com>
Date: Mon, 19 May 2025 14:41:57 +0200
Subject: [PATCH] fix: enfore secure for production environments

---
 apps/login/src/lib/cookies.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/apps/login/src/lib/cookies.ts b/apps/login/src/lib/cookies.ts
index 76f5580a16..28393f1321 100644
--- a/apps/login/src/lib/cookies.ts
+++ b/apps/login/src/lib/cookies.ts
@@ -31,7 +31,8 @@ async function setSessionHttpOnlyCookie<T>(
     value: JSON.stringify(sessions),
     httpOnly: true,
     path: "/",
-    sameSite,
+    sameSite: process.env.NODE_ENV === "production" ? sameSite : "lax",
+    secure: process.env.NODE_ENV === "production",
   });
 }