change csrf cookie to secure not host

msukkari · msukkari · commit 354b00440273 · 2025-02-14T12:32:36.000-08:00
diff --git a/packages/web/src/auth.ts b/packages/web/src/auth.ts
@@ -99,7 +99,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth({
             }
         },
         csrfToken: {
-            name: `${useSecureCookies ? '__Host-' : ''}authjs.csrf-token`,
+            name: `${useSecureCookies ? '__Secure-' : ''}authjs.csrf-token`,
             options: {
                 httpOnly: true,
                 sameSite: 'lax',

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth({`
`99`	`99`	`}`
`100`	`100`	`},`
`101`	`101`	`csrfToken: {`
`102`		- name: `${useSecureCookies ? '__Host-' : ''}authjs.csrf-token`,
	`102`	+ name: `${useSecureCookies ? '__Secure-' : ''}authjs.csrf-token`,
`103`	`103`	`options: {`
`104`	`104`	`httpOnly: true,`
`105`	`105`	`sameSite: 'lax',`