From 02d0f9f2c40343a257ad90c89d0dd0f6358b891d Mon Sep 17 00:00:00 2001
From: Nate Kelley <nate@buster.so>
Date: Thu, 23 Jan 2025 16:37:44 -0700
Subject: [PATCH] Update supabase server to secure and http only

---
 web/src/context/Supabase/server.ts | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/web/src/context/Supabase/server.ts b/web/src/context/Supabase/server.ts
index 956aaf96a..409d53e31 100644
--- a/web/src/context/Supabase/server.ts
+++ b/web/src/context/Supabase/server.ts
@@ -1,4 +1,4 @@
-import { createServerClient, type CookieOptions } from '@supabase/ssr';
+import { createServerClient } from '@supabase/ssr';
 import { cookies } from 'next/headers';
 
 export async function createClient() {
@@ -8,6 +8,14 @@ export async function createClient() {
     process.env.NEXT_PUBLIC_SUPABASE_URL!,
     process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
     {
+      cookieOptions: {
+        secure: true,
+        httpOnly: true
+      },
+      auth: {
+        autoRefreshToken: true,
+        persistSession: true
+      },
       cookies: {
         getAll() {
           return cookieStore.getAll();