next-authentication assumes that all cookies aren't httponly and this might cause conflicts.
For example, I'm working on a lambda function that only does OAuth and 302 redirects back to the web app with cookies in the headers, so that the Next.js app can grab on the first load. So the library I'm using sets the cookie setting httponly true by default and I think that's okay.
So instead of changing that security setting to false I'd like to figure out to handle this in the Frontend. It might not be possible, but I'll do some research first before adding any warning or so to the library.
next-authentication
assumes that all cookies aren'thttponly
and this might cause conflicts.For example, I'm working on a lambda function that only does OAuth and
302
redirects back to the web app with cookies in the headers, so that the Next.js app can grab on the first load. So the library I'm using sets the cookie settinghttponly
true by default and I think that's okay.So instead of changing that security setting to false I'd like to figure out to handle this in the Frontend. It might not be possible, but I'll do some research first before adding any warning or so to the library.