const isProduction = process.env.NODE_ENV === "production";
const forceSecureCookie = process.env.COOKIE_SECURE === "true";
const secure = forceSecureCookie || isProduction;

const cookiesOptions = {
    maxAge: 1000 * 60 * 60 * 24 * 90, // would expire after 90 days
    httpOnly: true, // The cookie only accessible by the web server
    sameSite: secure ? 'none' : 'lax',
    secure,
};

module.exports = { cookiesOptions };