From 22067692626493f9f08ebf4184cd2c166300d128 Mon Sep 17 00:00:00 2001 From: Bereket Engida <86073083+Bekacru@users.noreply.github.com> Date: Sat, 4 Jan 2025 11:31:07 +0300 Subject: [PATCH] fix(passkey): use cookie config for passkey (#1125) --- .../better-auth/src/plugins/passkey/index.ts | 29 ++++++++++++------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/packages/better-auth/src/plugins/passkey/index.ts b/packages/better-auth/src/plugins/passkey/index.ts index 186255b9f1..7388627f21 100644 --- a/packages/better-auth/src/plugins/passkey/index.ts +++ b/packages/better-auth/src/plugins/passkey/index.ts @@ -261,16 +261,16 @@ export const passkey = (options?: PasskeyOptions) => { authenticatorAttachment: "platform", }, }); - const id = generateId(32); - await ctx.setSignedCookie( + const webAuthnCookie = ctx.context.createAuthCookie( opts.advanced.webAuthnChallengeCookie, + ); + await ctx.setSignedCookie( + webAuthnCookie.name, id, ctx.context.secret, { - secure: true, - httpOnly: true, - sameSite: "lax", + ...webAuthnCookie.attributes, maxAge: maxAgeInSeconds, }, ); @@ -428,14 +428,15 @@ export const passkey = (options?: PasskeyOptions) => { }, }; const id = generateId(32); - await ctx.setSignedCookie( + const webAuthnCookie = ctx.context.createAuthCookie( opts.advanced.webAuthnChallengeCookie, + ); + await ctx.setSignedCookie( + webAuthnCookie.name, id, ctx.context.secret, { - secure: true, - httpOnly: true, - sameSite: "lax", + ...webAuthnCookie.attributes, maxAge: maxAgeInSeconds, }, ); @@ -493,8 +494,11 @@ export const passkey = (options?: PasskeyOptions) => { }); } const resp = ctx.body.response; - const challengeId = await ctx.getSignedCookie( + const webAuthnCookie = ctx.context.createAuthCookie( opts.advanced.webAuthnChallengeCookie, + ); + const challengeId = await ctx.getSignedCookie( + webAuthnCookie.name, ctx.context.secret, ); if (!challengeId) { 
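Review bot: The options object passed to `ctx.setSignedCookie` in the hunk at line 261 no longer pins `secure`, `httpOnly` and `sameSite`. They now come entirely from `webAuthnCookie.attributes`, so the WebAuthn challenge cookie is only as strict as the shared cookie configuration. `createAuthCookie` is not visible in this patch, so whether a deployment can relax those attributes is an assumption to confirm. Page script has no need to read the challenge id, so consider pinning the flag after the spread: `{ ...webAuthnCookie.attributes, httpOnly: true, maxAge: maxAgeInSeconds }`. The same applies to the identical hunk at line 428. The enclosing endpoint handlers start and end outside both hunks.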
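Review bot: The cookie name read by `ctx.getSignedCookie` in the hunk at line 494 is re-derived with its own `ctx.context.createAuthCookie(opts.advanced.webAuthnChallengeCookie)` call. That expression now appears four times in this patch, so the set and get sides agree only while every copy stays in sync. A mismatch would fail closed at `if (!challengeId)`, but it would also break every passkey registration and login. A small helper inside `passkey()` that returns `ctx.context.createAuthCookie(opts.advanced.webAuthnChallengeCookie)` would give one place to change, and could carry a comment such as `// name and attributes must match between challenge creation and verification`. The same applies to the hunk at line 619, and both handlers continue outside their hunks.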
@@ -619,8 +623,11 @@ export const passkey = (options?: PasskeyOptions) => { }); } const resp = ctx.body.response; - const challengeId = await ctx.getSignedCookie( + const webAuthnCookie = ctx.context.createAuthCookie( opts.advanced.webAuthnChallengeCookie, + ); + const challengeId = await ctx.getSignedCookie( + webAuthnCookie.name, ctx.context.secret, ); if (!challengeId) {