From 46fd732ee63a3686a1f8cca732180a01cb42e0cd Mon Sep 17 00:00:00 2001
From: Peng Xiao <pengxiao@outlook.com>
Date: Sat, 9 Sep 2023 14:42:09 +0800
Subject: [PATCH] fix: cookie name (#4293)

---
 apps/server/src/modules/auth/next-auth.controller.ts | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/server/src/modules/auth/next-auth.controller.ts b/apps/server/src/modules/auth/next-auth.controller.ts
index 6119439e9a..1e562e7088 100644
--- a/apps/server/src/modules/auth/next-auth.controller.ts
+++ b/apps/server/src/modules/auth/next-auth.controller.ts
@@ -148,13 +148,15 @@ export class NextAuthController {
     }
 
     let nextAuthTokenCookie: (CookieOption & { value: string }) | undefined;
+    const cookiePrefix = this.config.node.prod ? '__Secure-' : '';
+    const sessionCookieName = `${cookiePrefix}next-auth.session-token`;
     // next-auth credentials login only support JWT strategy
     // https://next-auth.js.org/configuration/providers/credentials
     // let's store the session token in the database
     if (
       credentialsSignIn &&
       (nextAuthTokenCookie = cookies?.find(
-        ({ name }) => name === 'next-auth.session-token'
+        ({ name }) => name === sessionCookieName
       ))
     ) {
       const cookieExpires = new Date();