fix: secure passkey cookies (#1533)

2025-11-13 08:13:56 +10:00 · 2024-12-12 01:16:29 +09:00
parent 76028771b8
commit 161d40cde7
3 changed files with 16 additions and 10 deletions
--- a/packages/lib/constants/auth.ts
+++ b/packages/lib/constants/auth.ts
@ -46,3 +46,10 @@ export const PASSKEY_TIMEOUT = 60000;
 * The maximum number of passkeys are user can have.
 */
 export const MAXIMUM_PASSKEYS = 50;
+
+export const useSecureCookies =
+  process.env.NODE_ENV === 'production' && String(process.env.NEXTAUTH_URL).startsWith('https://');
+
+const secureCookiePrefix = useSecureCookies ? '__Secure-' : '';
+
+export const formatSecureCookieName = (name: string) => `${secureCookiePrefix}${name}`;