diff --git a/apps/api/src/controllers/oauth-callback.controller.tsx b/apps/api/src/controllers/oauth-callback.controller.tsx
index 95b6d398..e0e60ae5 100644
--- a/apps/api/src/controllers/oauth-callback.controller.tsx
+++ b/apps/api/src/controllers/oauth-callback.controller.tsx
@@ -5,6 +5,7 @@ import {
   github,
   google,
   type OAuth2Tokens,
+  setLastAuthProviderCookie,
   setSessionTokenCookie,
 } from '@openpanel/auth';
 import { type Account, connectUserToOrganization, db } from '@openpanel/db';
@@ -76,11 +77,10 @@ async function handleExistingUser({
     sessionToken,
     session.expiresAt
   );
-  reply.setCookie('last-auth-provider', providerName, {
-    maxAge: 60 * 60 * 24 * 365,
-    path: '/',
-    sameSite: 'lax',
-  });
+  setLastAuthProviderCookie(
+    (...args) => reply.setCookie(...args),
+    providerName
+  );
   return reply.redirect(
     process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
   );
@@ -145,11 +145,10 @@ async function handleNewUser({
     sessionToken,
     session.expiresAt
   );
-  reply.setCookie('last-auth-provider', providerName, {
-    maxAge: 60 * 60 * 24 * 365,
-    path: '/',
-    sameSite: 'lax',
-  });
+  setLastAuthProviderCookie(
+    (...args) => reply.setCookie(...args),
+    providerName
+  );
   return reply.redirect(
     process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
   );
diff --git a/packages/auth/src/cookie.ts b/packages/auth/src/cookie.ts
index 09fab968..cfc4970b 100644
--- a/packages/auth/src/cookie.ts
+++ b/packages/auth/src/cookie.ts
@@ -7,7 +7,17 @@ export function setSessionTokenCookie(
   expiresAt: Date
 ): void {
   setCookie('session', token, {
-    maxAge: Math.floor((expiresAt.getTime() - new Date().getTime()) / 1000),
+    maxAge: Math.floor((expiresAt.getTime() - Date.now()) / 1000),
+    ...COOKIE_OPTIONS,
+  });
+}
+
+export function setLastAuthProviderCookie(
+  setCookie: ISetCookie,
+  provider: string
+): void {
+  setCookie('last-auth-provider', provider, {
+    maxAge: 60 * 60 * 24 * 365,
     ...COOKIE_OPTIONS,
   });
 }
diff --git a/packages/trpc/src/routers/auth.ts b/packages/trpc/src/routers/auth.ts
index 378fcc7d..c8b82ea8 100644
--- a/packages/trpc/src/routers/auth.ts
+++ b/packages/trpc/src/routers/auth.ts
@@ -8,6 +8,7 @@ import {
   google,
   hashPassword,
   invalidateSession,
+  setLastAuthProviderCookie,
   setSessionTokenCookie,
   validateSessionToken,
   verifyPasswordHash,
@@ -225,11 +226,7 @@ export const authRouter = createTRPCRouter({
       const token = generateSessionToken();
       const session = await createSession(token, user.id);
       setSessionTokenCookie(ctx.setCookie, token, session.expiresAt);
-      ctx.setCookie('last-auth-provider', 'email', {
-        maxAge: 60 * 60 * 24 * 365,
-        path: '/',
-        sameSite: 'lax',
-      });
+      setLastAuthProviderCookie(ctx.setCookie, 'email');
       return {
         type: 'email',
       };