From 354b0044027389b6fbf803127c6be655a8b8438c Mon Sep 17 00:00:00 2001
From: msukkari <michael.sukkarieh@mail.mcgill.ca>
Date: Fri, 14 Feb 2025 12:32:36 -0800
Subject: [PATCH] change csrf cookie to secure not host

---
 packages/web/src/auth.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/web/src/auth.ts b/packages/web/src/auth.ts
index 84063fbe..274bf434 100644
--- a/packages/web/src/auth.ts
+++ b/packages/web/src/auth.ts
@@ -99,7 +99,7 @@ export const { handlers, signIn, signOut, auth } = NextAuth({
             }
         },
         csrfToken: {
-            name: `${useSecureCookies ? '__Host-' : ''}authjs.csrf-token`,
+            name: `${useSecureCookies ? '__Secure-' : ''}authjs.csrf-token`,
             options: {
                 httpOnly: true,
                 sameSite: 'lax',