diff --git a/auth.ts b/auth.ts index 4287d67..6238c81 100644 --- a/auth.ts +++ b/auth.ts @@ -68,6 +68,12 @@ declare module "next-auth/jwt" { } } +const appEnv = process.env.APP_ENV ?? "local"; +const isSecure = process.env.NODE_ENV === "production"; +const sessionCookieName = isSecure + ? `__Secure-${appEnv}-chocoadmin.session-token` + : `${appEnv}-chocoadmin.session-token`; + export const { handlers: { GET, POST }, auth, @@ -81,6 +87,17 @@ export const { strategy: "jwt", maxAge: 8 * 60 * 60, }, + cookies: { + sessionToken: { + name: sessionCookieName, + options: { + httpOnly: true, + sameSite: "lax" as const, + path: "/", + secure: isSecure, + }, + }, + }, providers: [ Credentials({ credentials: {