fix: last auth provider cookie (wrong domain)

2026-02-27 23:41:38 +01:00
parent 1272466235
commit b801d6a8ef
3 changed files with 22 additions and 16 deletions
--- a/apps/api/src/controllers/oauth-callback.controller.tsx
+++ b/apps/api/src/controllers/oauth-callback.controller.tsx
@@ -5,6 +5,7 @@ import {
  github,
  google,
  type OAuth2Tokens,
+  setLastAuthProviderCookie,
  setSessionTokenCookie,
 } from '@openpanel/auth';
 import { type Account, connectUserToOrganization, db } from '@openpanel/db';
@@ -76,11 +77,10 @@ async function handleExistingUser({
    sessionToken,
    session.expiresAt
  );
-  reply.setCookie('last-auth-provider', providerName, {
-    maxAge: 60 * 60 * 24 * 365,
-    path: '/',
-    sameSite: 'lax',
-  });
+  setLastAuthProviderCookie(
+    (...args) => reply.setCookie(...args),
+    providerName
+  );
  return reply.redirect(
    process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
  );
@@ -145,11 +145,10 @@ async function handleNewUser({
    sessionToken,
    session.expiresAt
  );
-  reply.setCookie('last-auth-provider', providerName, {
-    maxAge: 60 * 60 * 24 * 365,
-    path: '/',
-    sameSite: 'lax',
-  });
+  setLastAuthProviderCookie(
+    (...args) => reply.setCookie(...args),
+    providerName
+  );
  return reply.redirect(
    process.env.DASHBOARD_URL || process.env.NEXT_PUBLIC_DASHBOARD_URL!
  );