use secure cookie prefix when decrypting jwt

Fiery-132 · Fiery-132 · commit 8352ffda9527 · 2026-02-11T14:45:06.000+01:00
diff --git a/src/lib/server/getDecryptedJWT.ts b/src/lib/server/getDecryptedJWT.ts
@@ -13,7 +13,12 @@ import { getToken, type JWT } from "@auth/core/jwt";
  */
 export const getDecryptedJWT = async (req: Request): Promise<JWT | null> => {
   console.log("[DEBUG] AUTH_SECRET:", env.AUTH_SECRET);
-  const token = await getToken({ req, secret: env.AUTH_SECRET });
+  console.log("[DEBUG] Incoming request:", req);
+  const token = await getToken({
+    req,
+    secret: env.AUTH_SECRET,
+    secureCookie: env.NODE_ENV === "production",
+  });
   console.log("[DEBUG] Decrypted JWT:", token);
 
   return token;
