From 7ad559ac9c677c477bc2f4453b74d74fe7031f24 Mon Sep 17 00:00:00 2001
From: sirpiglr <49359077-sirpiglr@users.noreply.replit.com>
Date: Sun, 21 Dec 2025 04:39:03 +0000
Subject: [PATCH] Update session settings to work correctly in production
 environments

Update server configuration to trust proxy in all environments and set sameSite cookie attribute correctly for production deployments.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 279f1558-c0e3-40e4-8217-be7e9f4c6eca
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 205c1f69-ad43-4a96-81d7-44eda03048df
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/b984cb14-1d19-4944-922b-bc79e821ed35/279f1558-c0e3-40e4-8217-be7e9f4c6eca/I1D3tV4
Replit-Helium-Checkpoint-Created: true
---
 server/index.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/index.ts b/server/index.ts
index b64cf52..ba3ef70 100644
--- a/server/index.ts
+++ b/server/index.ts
@@ -32,10 +32,10 @@ app.use(
     cookie: {
       secure: isProduction,
       httpOnly: true,
-      sameSite: isProduction ? "lax" : "lax",
+      sameSite: "lax",
       maxAge: 7 * 24 * 60 * 60 * 1000, // 7 days
     },
-    proxy: !isProduction, // Trust first proxy in dev for Vite
+    proxy: true, // Always trust proxy (Replit uses reverse proxy in both dev and prod)
   })
 );