diff --git a/server/src/auth/auth.controller.ts b/server/src/auth/auth.controller.ts
index 9a688db..e1dc999 100644
--- a/server/src/auth/auth.controller.ts
+++ b/server/src/auth/auth.controller.ts
@@ -18,6 +18,7 @@ import { UserPermsOutDto } from 'src/users/dto/user-perms-out.dto';
 import { Response } from 'express';
 import { AuthorizedRequest } from './entities/authorized-request.entity';
 import { Throttle } from '@nestjs/throttler';
+import { appConfig } from 'src/config';
 @Throttle({ default: { limit: 2, ttl: 60000 } })
 @ApiTags('auth')
@@ -34,6 +35,7 @@ export class AuthController {
 const token = await this.service.login(loginDto.email, loginDto.password);
 res.cookie('accessToken', token.access_token, {
 sameSite: 'none',
+ secure: appConfig.environment === 'production',
 });
 return token;
@@ -48,6 +50,7 @@ export class AuthController {
 const token = await this.service.register(registerDto);
 res.cookie('accessToken', token.access_token, {
 sameSite: 'none',
+ secure: appConfig.environment === 'production',
 });
 return token;
 }
diff --git a/server/src/config.ts b/server/src/config.ts
index 8f77129..99d6db5 100644
--- a/server/src/config.ts
+++ b/server/src/config.ts
@@ -24,6 +24,8 @@ export const appConfig = {
 },
 debug: fromEnv('DEBUG', 'false').toLowerCase() === 'true',
+
+ environment: fromEnv('NODE_ENV', 'development'),
 };
 console.log(appConfig);
diff --git a/server/src/oauth/oauth.controller.ts b/server/src/oauth/oauth.controller.ts
index 9eb750e..b89471b 100644
--- a/server/src/oauth/oauth.controller.ts
+++ b/server/src/oauth/oauth.controller.ts
@@ -9,6 +9,7 @@ import { oauthConfig } from './config';
 import { GithubOauthGuard } from './guards/github-oauth.guard';
 import { GoogleOauthGuard } from './guards/google-oauth.guard';
 import { OauthService } from './oauth.service';
+import { appConfig } from 'src/config';
 @ApiTags('oauth')
 @Public()
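Review bot: In the login handler of `auth.controller.ts` (hunk `@@ -34,6 +35,7 @@`), `sameSite: 'none'` is still sent when the new `secure` expression evaluates to false, and current browsers discard a `SameSite=None` cookie that lacks `Secure`, so outside production the `accessToken` cookie is likely never stored. Derive both attributes from the same condition, for example `sameSite: appConfig.environment === 'production' ? 'none' : 'lax',` next to the added `secure` line. The same pair of options appears in the register hunk and in both callbacks in `oauth.controller.ts`. The login method starts and ends outside the hunk.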
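Review bot: The `res.cookie('accessToken', …)` options in the register handler (hunk `@@ -48,6 +50,7 @@`) set no `httpOnly`, so the token remains readable by page script, and no `maxAge`, so it is a session cookie whose lifetime is unrelated to the token's expiry. Unless the frontend reads this cookie from script (not visible in this diff), add `httpOnly: true,` and a `maxAge` that matches the JWT lifetime. The handler already returns the token in the response body, so a client that needs the value in script still has it. This applies equally to the login hunk and to both OAuth callbacks; register's body begins outside the hunk.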
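Review bot: In `config.ts`, `environment: fromEnv('NODE_ENV', 'development')` fails open, assuming the second argument is the fallback as it appears to be for `DEBUG`: a deployment where `NODE_ENV` is unset, or set to anything other than the exact string `production` (a staging value, different casing), gets cookies without `Secure` because every call site compares with `=== 'production'`. Prefer a check that keeps the flag on unless development is explicitly requested, such as `secure: appConfig.environment !== 'development'` at the call sites, or a dedicated boolean setting for the cookie flag. A comment on the new key would also help, e.g. `// gates the Secure attribute of the accessToken cookie; unset NODE_ENV is treated as development`.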
@@ -18,11 +19,11 @@ export class OauthController {
 private readonly oauthService: OauthService,
 private usersService: UsersService,
 private authService: AuthService,
- ) { }
+ ) {}
 @Get('google')
 @UseGuards(GoogleOauthGuard)
- async googleOAuth() { }
+ async googleOAuth() {}
 @Get('google/callback')
 @UseGuards(GoogleOauthGuard)
@@ -41,6 +42,7 @@ export class OauthController {
 const token = await this.authService.generateJwtToken(user.email);
 res.cookie('accessToken', token, {
 sameSite: 'none',
+ secure: appConfig.environment === 'production',
 });
 return res.redirect(oauthConfig.frontendUrl);
@@ -48,7 +50,7 @@ export class OauthController {
 @Get('github')
 @UseGuards(GithubOauthGuard)
- async githubOAuth() { }
+ async githubOAuth() {}
 @Get('github/callback')
 @UseGuards(GithubOauthGuard)
@@ -66,6 +68,7 @@ export class OauthController {
 const token = await this.authService.generateJwtToken(user.email);
 res.cookie('accessToken', token, {
 sameSite: 'none',
+ secure: appConfig.environment === 'production',
 });
 return res.redirect(oauthConfig.frontendUrl);
 }
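Review bot: In the Google callback (hunk `@@ -41,6 +42,7 @@`), pairing `Secure` with `sameSite: 'none'` means browsers will accept the cookie in production and attach it to cross-site requests, so CSRF protection becomes relevant. If the server accepts `accessToken` from the cookie for authentication (not visible in this diff), state-changing routes need a defence such as an anti-forgery token or an `Origin` check. If the frontend and API are same-site, `sameSite: 'lax'` is the safer setting. The same consideration applies to the GitHub callback and to both handlers in `auth.controller.ts`. The callback method starts outside the hunk.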
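Review bot: The options literal in the GitHub callback (hunk `@@ -66,6 +68,7 @@`) is the fourth identical copy of `{ sameSite: 'none', secure: appConfig.environment === 'production' }` in this commit, so any later hardening of the cookie has to be repeated in four places and can miss one. Define the options once, for instance `export const accessTokenCookieOptions: CookieOptions = { sameSite: 'none', secure: appConfig.environment === 'production' };` (`CookieOptions` is exported by `express`; the constant name is a suggestion), and pass that constant to each `res.cookie('accessToken', …)` call in both controllers.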