From fa215cae1f25fe8089de80646bdbd86e531de917 Mon Sep 17 00:00:00 2001
From: Nandgopal-R <nandgopalrnair@gmail.com>
Date: Tue, 10 Mar 2026 10:48:39 +0530
Subject: [PATCH 1/2] Enhanced CORS configuration for cross-domain auth

---
 src/api/auth/index.ts | 7 +++++++
 src/index.ts          | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/src/api/auth/index.ts b/src/api/auth/index.ts
index 3023f3c..270071a 100644
--- a/src/api/auth/index.ts
+++ b/src/api/auth/index.ts
@@ -28,6 +28,13 @@ export const auth = betterAuth({
     modelName: "session",
   },
 
+  advanced: {
+    useSecureCookies: true, // Must be true for production (HTTPS)
+    crossSubDomainCookies: {
+      enabled: false, // Not subdomains, different domains entirely
+    },
+  },
+
   emailAndPassword: {
     enabled: true,
   },
diff --git a/src/index.ts b/src/index.ts
index f77e496..dbd4c12 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -14,6 +14,9 @@ const app = new Elysia()
           o.trim(),
         ) || "*",
       credentials: true,
+      allowedHeaders: ["Content-Type", "Authorization", "Cookie"],
+      exposedHeaders: ["Set-Cookie"],
+      methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
     }),
   )
 

From f340f393277731cdea8ae90804f7fdb8e5d715d2 Mon Sep 17 00:00:00 2001
From: Nandgopal-R <nandgopalrnair@gmail.com>
Date: Tue, 10 Mar 2026 10:51:02 +0530
Subject: [PATCH 2/2] fix: typo error

---
 src/index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/index.ts b/src/index.ts
index dbd4c12..d007e13 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -15,7 +15,7 @@ const app = new Elysia()
         ) || "*",
       credentials: true,
       allowedHeaders: ["Content-Type", "Authorization", "Cookie"],
-      exposedHeaders: ["Set-Cookie"],
+      exposeHeaders: ["Set-Cookie"],
       methods: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
     }),
   )