From c6976d7648c60b1748ec88e7fbf5ddc8f847f829 Mon Sep 17 00:00:00 2001 From: jisangs Date: Sun, 5 Jul 2026 00:17:51 +0900 Subject: [PATCH] =?UTF-8?q?=ED=99=98=EA=B2=BD=EB=B3=84=20=EA=B3=A0?= =?UTF-8?q?=EC=9C=A0=20=EC=84=B8=EC=85=98=20=EC=BF=A0=ED=82=A4=20=EC=9D=B4?= =?UTF-8?q?=EB=A6=84=20=EC=84=A4=EC=A0=95=EC=9C=BC=EB=A1=9C=20stage/produc?= =?UTF-8?q?tion=20=EC=BF=A0=ED=82=A4=20=EC=B6=A9=EB=8F=8C=20=EB=B0=A9?= =?UTF-8?q?=EC=A7=80=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- auth.ts | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/auth.ts b/auth.ts index 4287d67..6238c81 100644 --- a/auth.ts +++ b/auth.ts @@ -68,6 +68,12 @@ declare module "next-auth/jwt" { } } +const appEnv = process.env.APP_ENV ?? "local"; +const isSecure = process.env.NODE_ENV === "production"; +const sessionCookieName = isSecure + ? `__Secure-${appEnv}-chocoadmin.session-token` + : `${appEnv}-chocoadmin.session-token`; + export const { handlers: { GET, POST }, auth, @@ -81,6 +87,17 @@ export const { strategy: "jwt", maxAge: 8 * 60 * 60, }, + cookies: { + sessionToken: { + name: sessionCookieName, + options: { + httpOnly: true, + sameSite: "lax" as const, + path: "/", + secure: isSecure, + }, + }, + }, providers: [ Credentials({ credentials: {