From a85393a3c8e5f8450351f6f78327d1be4367355e Mon Sep 17 00:00:00 2001
From: Greg Baker <gregory.j.baker@hrsdc-rhdcc.gc.ca>
Date: Tue, 10 Dec 2024 20:31:10 -0330
Subject: [PATCH] fix: broken session cookie domain

---
 future-sir-frontend/.env.example                       | 2 +-
 future-sir-frontend/app/.server/express/environment.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/future-sir-frontend/.env.example b/future-sir-frontend/.env.example
index 6d562b1..6ce4f55 100644
--- a/future-sir-frontend/.env.example
+++ b/future-sir-frontend/.env.example
@@ -47,7 +47,7 @@ SESSION_EXPIRES_SECONDS=
 # This cookie stores session ID in the browser.
 SESSION_COOKIE_NAME=
 
-# The domain for which the session cookie is valid (default: localhost).
+# The domain for which the session cookie is valid (default: undefined).
 # Examples:
 #   - `localhost`: cookie is valid only for the localhost domain
 #   - `.example.com`: cookie is valid for all subdomains of example.com
diff --git a/future-sir-frontend/app/.server/express/environment.ts b/future-sir-frontend/app/.server/express/environment.ts
index b37b727..a31e083 100644
--- a/future-sir-frontend/app/.server/express/environment.ts
+++ b/future-sir-frontend/app/.server/express/environment.ts
@@ -63,7 +63,7 @@ const serverEnvironmentSchema = clientEnvironmentSchema
 
     // session config
     SESSION_TYPE: z.enum(['memory', 'redis']).default('memory'),
-    SESSION_COOKIE_DOMAIN: z.string().default('localhost'),
+    SESSION_COOKIE_DOMAIN: z.string().optional(),
     SESSION_COOKIE_NAME: z.string().default('__FSIR||session'),
     SESSION_COOKIE_PATH: z.string().default('/'),
     SESSION_COOKIE_SAMESITE: z.enum(['lax', 'strict', 'none']).default('strict'),