From b13f18b4d3e58b33e7bdea0bdae45d7efd0da929 Mon Sep 17 00:00:00 2001
From: juancarmore <juancar_more2@hotmail.com>
Date: Mon, 6 Oct 2025 18:25:32 +0200
Subject: [PATCH] backend: remove MEET_COOKIE_SECURE env var and update cookie
 options for secure and sameSite attributes

---
 backend/src/environment.ts        | 2 --
 backend/src/utils/cookie.utils.ts | 5 ++---
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/backend/src/environment.ts b/backend/src/environment.ts
index 128304e..2315911 100644
--- a/backend/src/environment.ts
+++ b/backend/src/environment.ts
@@ -33,8 +33,6 @@ export const {
 	MEET_INITIAL_ADMIN_PASSWORD = 'admin',
 	MEET_INITIAL_API_KEY = '',
 
-	MEET_COOKIE_SECURE = 'false',
-
 	/**
 	 * Webhook configuration
 	 *
diff --git a/backend/src/utils/cookie.utils.ts b/backend/src/utils/cookie.utils.ts
index 9c1f0e1..d7773e6 100644
--- a/backend/src/utils/cookie.utils.ts
+++ b/backend/src/utils/cookie.utils.ts
@@ -1,12 +1,11 @@
 import { CookieOptions } from 'express';
 import ms, { StringValue } from 'ms';
-import { MEET_COOKIE_SECURE } from '../environment.js';
 
 export const getCookieOptions = (path: string, expiration?: string): CookieOptions => {
 	return {
 		httpOnly: true,
-		secure: MEET_COOKIE_SECURE === 'true',
-		sameSite: 'strict',
+		secure: true,
+		sameSite: 'none',
 		maxAge: expiration ? ms(expiration as StringValue) : undefined,
 		path
 	};