I’m using a server action in my Next.js project that sets the JWT cookie on sign_in:
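/**
 * Stores the JWT in an HTTP-only `jwt` cookie whose lifetime follows the
 * token's `exp` claim, falling back to 24 hours when no usable claim is found.
 *
 * The payload is only base64-decoded here; the signature is NOT verified.
 * The decoded `exp` is therefore just a hint for the cookie lifetime and must
 * never be treated as proof that the token is valid. Whatever consumes the
 * cookie still has to verify the signature and expiry on every request.
 *
 * @param jwt - The JSON Web Token to be stored in the cookie.
 */
function setJwtCookie(jwt: string): void {
  const defaultLifetimeMs = 24 * 60 * 60 * 1000; // 24 hours in milliseconds

  // `exp` in seconds since the epoch, or null when the token has no usable claim.
  let expSeconds: number | null = null;
  try {
    const payloadSegment = jwt.split(".")[1];
    if (payloadSegment !== undefined) {
      const payload: unknown = JSON.parse(
        Buffer.from(payloadSegment, "base64").toString()
      );
      const claim = (payload as { exp?: unknown } | null)?.exp;
      // Accept only a real, finite, non-zero number. A string or other junk in
      // `exp` would otherwise become NaN below and yield an Invalid Date.
      if (typeof claim === "number" && Number.isFinite(claim) && claim !== 0) {
        expSeconds = claim;
      }
    }
  } catch {
    // Malformed token or payload: fall through to the default lifetime.
    expSeconds = null;
  }

  const fallbackExpiry = new Date(Date.now() + defaultLifetimeMs);
  const tokenExpiry = expSeconds !== null ? new Date(expSeconds * 1000) : null;
  // A huge `exp` can still overflow the Date range, so check the result too.
  // NOTE(review): there is no upper bound on the lifetime taken from the token;
  // consider capping it if long-lived cookies are not intended.
  const expires =
    tokenExpiry !== null && !Number.isNaN(tokenExpiry.getTime())
      ? tokenExpiry
      : fallbackExpiry;

  cookies().set("jwt", jwt, {
    httpOnly: true, // not readable from client-side script
    // NOTE(review): the Secure flag is set only when NODE_ENV is "production";
    // any other deployment reachable over plain HTTP would send the token in
    // cleartext. Confirm that staging/preview environments are covered.
    secure: process.env.NODE_ENV === "production",
    sameSite: "strict",
    path: "/",
    expires,
  });
}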