v4: Additional cookie configurations

[mvvmm]

Checklist

• I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
• I have looked into the API documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have searched the Auth0 Community forums and have not found a suitable solution or answer.
• I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

This is kind of a piggy back off of #1853

In v3, we could configure all of:

AUTH0_COOKIE_DOMAIN
AUTH0_COOKIE_PATH
AUTH0_COOKIE_TRANSIENT
AUTH0_COOKIE_HTTP_ONLY
AUTH0_COOKIE_SECURE
AUTH0_COOKIE_SAME_SITE

via environment variables.

Looks like the work in #1872 only added support for configuring name, secure, and sameSite. I know my team also configures the domain and transient properties.

Describe the ideal solution

Add support for all the existing cookie configurations in v3 to also be configured in v4.

Alternatives and current workarounds

None, that I'm aware of

Additional context

This is important for sharing sessions between same domain applications.

We have app1 and app2 that want to share sessions between them, so we configure the cookie_domain to be .ourdomain.com instead of app1.ourdomain.com or app2.ourdomain.com.

[tusharpandey13]

Thank you for reporting this, we are actively looking into this.

[mvvmm]

@tusharpandey13 Any update on this?

[LoganLaFollette]

+1 in support of adding this additional configuration back in 👍🏼

[iromanro]

@tusharpandey13 @frederikprijck would like to see this configuration in v4 as well. Any updates on when this will added?

[mvvmm]

@brth31 @arpit-jn Hopefully one of y'all can help with this.

This is a feature that is supported in general by Auth0 (non-persistant sessions via transient cookies for example), was supported in v3 of this SDK, and was broken in v4. I am looking for an update of when this might be fixed.

The v3 docs we were using were removed: https://auth0.github.io/nextjs-auth0/types/config.ConfigParameters.html, and we have been unable to upgrade to v4 because of some of the breaking changes I've opened in this and other issues, so we've just been stuck in limbo for months now with no communication.

[karth295]

Huge regression for simple plumbing. Is there a workaround to set AUTH0_COOKIE_DOMAIN in the mean time?

[brth31]

@mvvmm thanks for your patience here! Our team is looking into this and will share next steps soon.

[tusharpandey13]

This was released with v4.5.0
npm: https://www.npmjs.com/package/@auth0/nextjs-auth0/v/4.5.0
github packages: https://github.com/auth0/nextjs-auth0/releases/tag/v4.5.0