diff --git a/src/lib/supabase-ssr.ts b/src/lib/supabase-ssr.ts
index 687bae2..00d7951 100644
--- a/src/lib/supabase-ssr.ts
+++ b/src/lib/supabase-ssr.ts
@@ -6,6 +6,15 @@ export function createSupabaseServerClient(
 cookies: AstroCookies,
 cookieOptions?: CookieOptions
 ) {
+ // Default cookie options for Docker/localhost environment
+ const defaultCookieOptions: CookieOptions = {
+ secure: false, // localhost is non-HTTPS in Docker
+ sameSite: 'lax', // allow cross-site cookie on navigation
+ path: '/', // root-wide access
+ httpOnly: true, // JS-inaccessible for security
+ maxAge: 60 * 60 * 24 * 7, // 7 days
+ };
+
 return createServerClient(
 import.meta.env.PUBLIC_SUPABASE_URL!,
 import.meta.env.PUBLIC_SUPABASE_ANON_KEY!,
@@ -17,24 +26,22 @@ export function createSupabaseServerClient(
 },
 set(name: string, value: string, options: CookieOptions) {
 if (!cookies) return;
- // Fix cookie settings for Docker/production
+ // Merge with default options, allowing overrides
 cookies.set(name, value, {
+ ...defaultCookieOptions,
+ ...cookieOptions,
 ...options,
- httpOnly: true,
- secure: false, // Set to false for Docker/localhost
- sameSite: 'lax',
- path: '/'
 })
 },
 remove(name: string, options: CookieOptions) {
 if (!cookies) return;
 cookies.delete(name, {
+ ...defaultCookieOptions,
 ...options,
- path: '/'
 })
 },
 },
- cookieOptions,
+ cookieOptions: defaultCookieOptions,
 }
 )
 }
diff --git a/src/lib/supabase.ts b/src/lib/supabase.ts
index 99a0668..6b34de7 100644
--- a/src/lib/supabase.ts
+++ b/src/lib/supabase.ts
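Review bot: `secure: false` is hard-coded in `defaultCookieOptions`, so the Supabase session cookies are issued without the Secure attribute in every environment, not only on Docker/localhost, and can travel over plain HTTP. Derive it from the build mode instead, e.g. `secure: import.meta.env.PROD, // HTTPS-only outside local dev`; the same applies to the `secure: false` added to `cookieOptions` in src/lib/supabase.ts. The 7-day `maxAge` is new behaviour and deserves a comment stating that it is the intended session-cookie lifetime. The function body continues outside this hunk.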
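Review bot: In `set`, `httpOnly`, `sameSite` and `path` used to be written after `...options` and therefore always won; with the new order `...options` is spread last, so whatever the auth library passes can switch `httpOnly` off or change `sameSite`. If those attributes are meant to be enforced, keep them after the spreads, e.g. `...options,` followed by `httpOnly: true,`. `remove` does not spread `...cookieOptions`, so a caller-supplied `path` or `domain` applied in `set` will not match on delete and the session cookie may survive sign-out; add `...cookieOptions,` there as well. The final `cookieOptions: defaultCookieOptions` also drops the caller's `cookieOptions` argument from the client config; `cookieOptions: { ...defaultCookieOptions, ...cookieOptions },` would keep it.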
@@ -14,7 +14,13 @@ export const supabase = createClient(supabaseUrl, supabaseAnonKey, {
 flowType: 'pkce',
 autoRefreshToken: true,
 persistSession: true,
- detectSessionInUrl: true
+ detectSessionInUrl: false, // disable URL-based session detection to avoid SSR redirect loops
+ cookieOptions: {
+ secure: false, // localhost is non-HTTPS in Docker
+ sameSite: 'lax', // allow cross-site cookie on navigation
+ path: '/', // root-wide access
+ httpOnly: true, // JS-inaccessible for security
+ },
 }
 })
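Review bot: The `httpOnly: true, // JS-inaccessible for security` line in the added `cookieOptions` block overstates the protection if this client runs in the browser: page script cannot create an HttpOnly cookie, and with `persistSession: true` the session is kept in storage that scripts on the page can read. As far as I can tell the supabase-js v2 auth options do not include `cookieOptions`, so the block may be ignored entirely; confirm against the installed version and either drop it or reword the comment, e.g. `// not applied by this client; HttpOnly is set by the server client`. With `detectSessionInUrl: false` under `flowType: 'pkce'`, the auth callback has to exchange the code itself (`exchangeCodeForSession`), so check that the callback route does. The enclosing options object starts outside this hunk.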