keks
BABetter Auth
•Created by keks on 2/28/2025 in #bug-reports
Secure cookie prefix
Shouldnt the logic to determine the
__Secure- prefix be the same for all 3 cookie methods in https://github.com/better-auth/better-auth/blob/main/packages/better-auth/src/cookies/index.ts ?
If I understand it correctly, only the createCookie function takes into account the advanced?.useSecureCookies and baseURL.startsWith("https://") part.
I'm debugging a problem where "everything" worked until I added the next middlewara that uses getSessionCookie. This returns null for me. I'm using https locally but also tried to set advanced.useSecureCookies=true. So my cookies have the Secure prefix as expeced.2 replies