update cookies to work on mobile safari

src/routes/chef-access/+page.server.ts

@@ -2,6 +2,7 @@ import type { PageServerLoad } from './$types';
 import { validateMagicLinkToken } from '$lib/auth';
 import { redirect } from '@sveltejs/kit';
 import { MAGIC_LINK_TOKEN } from '$env/static/private';
+import { dev } from '$app/environment';
 
 export const load: PageServerLoad = async ({ url, cookies }) => {
     const token = url.searchParams.get('token');
@@ -21,7 +22,8 @@ export const load: PageServerLoad = async ({ url, cookies }) => {
         cookies.set('chef_bible_auth', 'authenticated', {
             path: '/',
             httpOnly: true,
-            sameSite: 'strict',
+            sameSite: 'lax', // Changed from 'strict' to 'lax' for mobile Safari compatibility
+            secure: !dev, // Secure in production, not secure in development
             maxAge: 30 * 24 * 60 * 60 // 30 days in seconds
         });
 

src/routes/logout/+server.ts

@@ -1,12 +1,14 @@
 import type { RequestHandler } from './$types';
 import { redirect } from '@sveltejs/kit';
+import { dev } from '$app/environment';
 
 export const POST: RequestHandler = async ({ cookies }) => {
     // Clear the authentication cookie using the new API
     cookies.set('chef_bible_auth', '', {
         path: '/',
         httpOnly: true,
-        sameSite: 'strict',
+        sameSite: 'lax', // Changed from 'strict' to 'lax' for mobile Safari compatibility
+        secure: !dev, // Secure in production, not secure in development
         maxAge: 0 // Expire immediately
     });
 
@@ -19,7 +21,8 @@ export const GET: RequestHandler = async ({ cookies }) => {
     cookies.set('chef_bible_auth', '', {
         path: '/',
         httpOnly: true,
-        sameSite: 'strict',
+        sameSite: 'lax', // Changed from 'strict' to 'lax' for mobile Safari compatibility
+        secure: !dev, // Secure in production, not secure in development
         maxAge: 0 // Expire immediately
     });