fix(portal): unable to authenticate users due to cross site cookies not enabled

Author: HasithDeAlwis

apps/portal/app/routes/_index.tsx

@@ -13,6 +13,7 @@ export const loader: LoaderFunction = async ({ request }) => {
   try {
     const API_URL = baseUrl
     const res = await fetch(`${API_URL}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })
 

apps/portal/app/routes/dashboard.tsx

@@ -11,6 +11,7 @@ export const loader: LoaderFunction = async ({ request }) => {
   try {
     const API_URL = process.env.NODE_ENV === 'development' ? 'http://localhost:8000' : 'https://axiom.cuhacking.ca'
     const res = await fetch(`${API_URL}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })
 

apps/portal/app/routes/login.tsx

@@ -13,6 +13,7 @@ export const loader: LoaderFunction = async ({ request }) => {
 
   try {
     const res = await fetch(`${baseUrl}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })
 

apps/portal/app/routes/profile.tsx

@@ -16,6 +16,7 @@ export const loader: LoaderFunction = async ({ request }) => {
   const API_URL = baseUrl
   try {
     const res = await fetch(`${API_URL}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })
 

apps/portal/app/routes/registration.tsx

@@ -14,6 +14,7 @@ export const loader: LoaderFunction = async ({ request }) => {
   const API_URL = baseUrl
   try {
     const me = await fetch(`${API_URL}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })
 

apps/portal/app/sessions.ts

@@ -19,9 +19,9 @@ const { getSession, commitSession, destroySession }
     {
       cookie: {
         name: '__session',
-        secure: process.env.NODE_ENV === 'production',
+        secure: true,
         secrets: [sessionSecret],
-        sameSite: 'lax',
+        sameSite: 'none',
         path: '/',
         httpOnly: true,
       },

libs/cms/auth/auth.ts

@@ -3,10 +3,22 @@ import {
 } from 'better-auth';
 
 export const auth = betterAuth({
+    advanced: {
+        crossSubDomainCookies: {
+            enabled: true,
+            domain: ".cuhacking.ca",
+        },
+        defaultCookieAttributes: {
+            secure: true,
+            httpOnly: true,
+            sameSite: "none",
+            partitioned: true,
+        },
+    },
     socialProviders: {
         linkedin: {
-            clientId: process.env.LINKEDIN_CLIENT_ID,
-            clientSecret: process.env.LINKEDIN_CLIENT_SECRET
+            clientId: process.env.LINKEDIN_CLIENT_ID || '',
+            clientSecret: process.env.LINKEDIN_CLIENT_SECRET || ''
         }
     },
 

libs/cms/configs/server.ts

@@ -27,6 +27,17 @@ import { s3Storage } from '@payloadcms/storage-s3'
 import sharp from "sharp";
 
 export const baseConfig = {
+  auth: {
+    cookies: {
+      payloadToken: {
+        domain: ".cuhacking.ca",
+        path: "/",
+        secure: true,
+        httpOnly: true,
+        sameSite: "None",
+      },
+    },
+  },
   globals: [
     Hackathon2025,
   ],

libs/db/collections/models/Users.ts

@@ -259,6 +259,11 @@ export const Users: CollectionConfig = {
   slug: "users",
   // auth: true,
   auth: {
+    cookies: {
+      domain: process.env.NODE_ENV === 'development' ? 'localhost' : '.cuhacking.ca',
+      sameSite: 'None',
+      secure: true
+      },
     disableLocalStrategy: {
       enableFields: true,
       optionalPassword: true,

libs/portal/features/profile/api/user.ts

@@ -3,6 +3,7 @@ import type { UserDetails } from '@cuhacking/portal/types/user'
 export async function getCurrentUser({ cookie, API_URL }: { cookie: string | null, API_URL: string }): Promise<UserDetails | null> {
   try {
     const response = await fetch(`${API_URL}/api/users/me`, {
+      credentials: 'include',
       headers: { Cookie: cookie || '' },
     })