docs(examples): add secure flag explanation to with-iron-session (#31896

) Following comment on the project here: vvo/iron-session#425
vercel · Nov 29, 2021 · 127b92b · 127b92b
1 parent b1be180
commit 127b92b
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/examples/with-iron-session/lib/session.ts b/examples/with-iron-session/lib/session.ts
@@ -5,6 +5,10 @@ import type { User } from 'pages/api/user'
 export const sessionOptions: IronSessionOptions = {
   password: process.env.SECRET_COOKIE_PASSWORD as string,
   cookieName: 'iron-session/examples/next.js',
+  // secure: true should be used in production (HTTPS) but can't be used in development (HTTP)
+  cookieOptions: {
+    secure: process.env.NODE_ENV === 'production',
+  },
 }
 
 // This is where we specify the typings of req.session.*