goodgo-platform

Files

Ho Ngoc Hai 1ebdc5f0b3 fix: auth cookies cross-origin, async params, CSRF/web-vitals errors

- Set SameSite=lax for auth & CSRF cookies in development (cross-port)
- Set refresh_token cookie path to / (was /auth, preventing cross-port send)
- Await params in Next.js 15 async server components (layout, listings, agents)
- Add CSRF token to web-vitals POST requests
- Fix: 401 Unauthorized on all authenticated API calls from web app
- Fix: CSRF token missing on POST requests from different port
- Fix: params.locale sync access warning in generateMetadata

Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com>

2026-04-13 11:24:45 +07:00

api

fix: auth cookies cross-origin, async params, CSRF/web-vitals errors

2026-04-13 11:24:45 +07:00

web

fix: auth cookies cross-origin, async params, CSRF/web-vitals errors

2026-04-13 11:24:45 +07:00