Fix inconsistent session cookie name

middleware.js

@@ -20,7 +20,7 @@ const multiAuthMiddleware = (request) => {
   const cookiePointerName = 'multi_auth.user-id'
   const hasCookiePointer = request.cookies?.has(cookiePointerName)
   // is there a session?
-  const sessionCookieName = '__Secure-next-auth.session-token'
+  const sessionCookieName = 'next-auth.session-token'
   const hasSession = request.cookies?.has(sessionCookieName)
 
   if (!hasCookiePointer || !hasSession) {

pages/api/auth/[...nextauth].js

@@ -248,6 +248,17 @@ export const getAuthOptions = (req, res) => ({
     signIn: '/login',
     verifyRequest: '/email',
     error: '/auth/error'
+  },
+  cookies: {
+    sessionToken: {
+      name: 'next-auth.session-token',
+      options: {
+        httpOnly: true,
+        sameSite: 'lax',
+        path: '/',
+        secure: true
+      }
+    }
   }
 })
 

pages/api/signout.js

@@ -11,7 +11,7 @@ export default (req, res) => {
   const cookiePointerName = 'multi_auth.user-id'
   const userId = req.cookies[cookiePointerName]
   // is there a session?
-  const sessionCookieName = '__Secure-next-auth.session-token'
+  const sessionCookieName = 'next-auth.session-token'
   const sessionJWT = req.cookies[sessionCookieName]
 
   if (!userId || !sessionJWT) {