Cookie domain not sent in document response headers in prod #969

Open
Aniket-Harmoney opened this issue Dec 23, 2024 · 0 comments
Labels
bug A bug that needs to be resolved pending An issue waiting for triage

Aniket-Harmoney commented Dec 23, 2024

Environment

  • Operating System: Darwin
  • Node Version: v22.8.0
  • Nuxt Version: 3.14.1592
  • CLI Version: 3.16.0
  • Nitro Version: 2.10.4
  • Package Manager: [email protected]

Reproduction

Not able to reproduce this locally.

Describe the bug

Screenshot 2024-12-23 at 1 22 36 PM

The domain mentioned above in the set-cookie response headers is not available on prod on page refresh, due to which it is setting two auth.token cookies, one with .harmoney.dev and one with www.harmoney.dev.

What I tried till now:

  • Since production serves a build, I built my code locally using yarn build and then ran yarn start, which is the same command as in the prod Dockerfile.
  • It is working fine while running the build locally, but failing on prod.

Dockerfile:

```dockerfile
FROM node:22.3.0-slim

....

RUN yarn install \
  --prefer-offline \
  --frozen-lockfile \
  --non-interactive \
  --production=false

COPY . .
RUN yarn build

ENV HOST 0.0.0.0
EXPOSE 3000

CMD ["yarn", "start"]
```

nuxt.config.ts:

```ts
auth: {
  globalAppMiddleware: {
    isEnabled: true,
  },
  sessionRefresh: {
    handler: "./RefreshHandler",
  },
  provider: {
    type: "local",
    endpoints: {
      signIn: { path: "api/token/", method: "post" },
      signOut: false,
      getSession: { path: "api/session/", method: "get" },
    },
    token: {
      signInResponseTokenPointer: "/access",
      cookieDomain: process.env.NUXT_PUBLIC_COOKIE_DOMAIN,
      sameSiteAttribute: 'none',
      httpOnlyCookieAttribute: true,
      secureCookieAttribute: true,
    },
    refresh: {
      isEnabled: true,
      endpoint: { path: "api/token/refresh/", method: "post" },
      refreshOnlyToken: true,
      token: {
        signInResponseRefreshTokenPointer: "/refresh",
        cookieDomain: process.env.NUXT_PUBLIC_COOKIE_DOMAIN,
        sameSiteAttribute: 'none',
        httpOnlyCookieAttribute: true,
        secureCookieAttribute: true,
      },
    },
    pages: {
      login: "/auth/login",
    },
  },
  baseURL: process.env.NUXT_PUBLIC_BASE_API_URL,
},
```

NUXT_PUBLIC_COOKIE_DOMAIN is equal to .harmoney.dev, and I am running the local setup using Caddy to mimic the exact frontend as well.

Makefile:

```makefile
...
# $$(date +%s) is escaped so the shell runs date; a single $ would be expanded by make to an empty string.
build: prepare
	@set -a && source .env && set +a && echo "DEV_MODE=$$DEV_MODE" && \
	docker build  --cache-from $(LATEST_IMAGE) \
		--build-arg CACHE_BUSTY=$$(date +%s) \
		--build-arg NUXT_PUBLIC_SENTRY_PUBLISH_RELEASE=$$NUXT_PUBLIC_SENTRY_PUBLISH_RELEASE \
		--build-arg NUXT_PUBLIC_SENTRY_AUTH_TOKEN=$$NUXT_PUBLIC_SENTRY_AUTH_TOKEN \
		--build-arg NUXT_PUBLIC_DEV_MODE=$$NUXT_PUBLIC_DEV_MODE \
		--build-arg NUXT_PUBLIC_BASE_API_URL=$$NUXT_PUBLIC_BASE_API_URL \
		--build-arg NUXT_PUBLIC_SHOW_WAITLIST_SCREENS=$$NUXT_PUBLIC_SHOW_WAITLIST_SCREENS \
		-t $(IMAGE_REF) -t $(APP):$(IMAGE_TAG) build/app/
```

Additional context

No response

Logs

No response
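
The two-cookie symptom in the report matches how browsers store cookies under RFC 6265: a cookie is identified by name, domain and path, and a Set-Cookie without a Domain attribute creates a host-only cookie for the request host instead of replacing the domain-wide one. The sketch below is an added example, not code from the issue or from the project; the header strings and the token values `tokenA`/`tokenB` are constructed for illustration.

```javascript
// Added illustration: minimal RFC 6265-style cookie jar (headers and tokens are constructed samples).
function parseSetCookie(header, requestHost) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    domain: requestHost.toLowerCase(), // no Domain attribute: host-only cookie
    hostOnly: true,
    path: "/",
  };
  for (const attr of attrs) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    const val = i === -1 ? "" : attr.slice(i + 1).trim();
    if (key === "domain" && val) {
      cookie.domain = val.replace(/^\./, "").toLowerCase(); // leading dot is ignored
      cookie.hostOnly = false;
    } else if (key === "path" && val.startsWith("/")) {
      cookie.path = val;
    }
  }
  return cookie;
}
// A stored cookie is replaced only when name, domain and path all match.
function store(jar, cookie) {
  jar.set(`${cookie.name}|${cookie.domain}|${cookie.path}`, cookie);
}

// Cookies the browser would attach to a request for `host`.
function cookiesFor(jar, host) {
  return [...jar.values()].filter((c) =>
    c.hostOnly ? host === c.domain : host === c.domain || host.endsWith("." + c.domain)
  );
}

// Sign-in sets the cookie with Domain; `refreshHeader` is what the page refresh returns.
function simulate(refreshHeader, host = "www.harmoney.dev") {
  const jar = new Map();
  const attrs = "Path=/; Secure; HttpOnly; SameSite=None";
  store(jar, parseSetCookie(`auth.token=tokenA; Domain=.harmoney.dev; ${attrs}`, host));
  store(jar, parseSetCookie(refreshHeader, host));
  return cookiesFor(jar, host).map(
    (c) => `${c.name}=${c.value} @ ${c.hostOnly ? c.domain : "." + c.domain}`
  );
}
console.log(simulate("auth.token=tokenB; Path=/; Secure; HttpOnly; SameSite=None"));
console.log(simulate("auth.token=tokenB; Domain=.harmoney.dev; Path=/; Secure; HttpOnly; SameSite=None"));
```

Comparing the raw `Set-Cookie` header of the production document response with the one from the local build (for example with `curl -sI`) shows directly whether the `Domain` attribute is missing.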
