fix: credentials login not working cause of cookie secure flag not possible for http (#1421)

* fix: credentials login not working cause of cookie secure flag not possible for http * chore: add missing comment * fix: lint issue
2024-11-04 19:20:19 +01:00
parent 97eb4c54e2
commit cf5bcab732
4 changed files with 24 additions and 12 deletions
--- a/packages/auth/configuration.ts
+++ b/packages/auth/configuration.ts
@@ -18,7 +18,11 @@ import { createRedirectUri } from "./redirect";
 import { expireDateAfter, generateSessionToken, sessionTokenCookieName } from "./session";

 // See why it's unknown in the [...nextauth]/route.ts file
-export const createConfiguration = (provider: SupportedAuthProvider | "unknown", headers: ReadonlyHeaders | null) => {
+export const createConfiguration = (
+  provider: SupportedAuthProvider | "unknown",
+  headers: ReadonlyHeaders | null,
+  useSecureCookies: boolean,
+) => {
  const adapter = createAdapter(db, provider);
  return NextAuth({
    logger: {
@@ -37,12 +41,6 @@ export const createConfiguration = (provider: SupportedAuthProvider | "unknown",
    cookies: {
      sessionToken: {
        name: sessionTokenCookieName,
-        options: {
-          httpOnly: true,
-          sameSite: "lax",
-          path: "/",
-          secure: true,
-        },
      },
    },
    adapter,
@@ -81,7 +79,7 @@ export const createConfiguration = (provider: SupportedAuthProvider | "unknown",
          expires: expires,
          httpOnly: true,
          sameSite: "lax",
-          secure: true,
+          secure: useSecureCookies,
        });

        return true;