Endpoint/Common/Services/UrlHelper.cs

@@ -6,7 +6,7 @@ namespace Mirea.Api.Endpoint.Common.Services;
 
 public static class UrlHelper
 {
-    public static string CurrentDomain(HttpContext context) =>
+    public static string GetCurrentDomain(this HttpContext context) =>
         context.Request.Headers["X-Forwarded-Host"].FirstOrDefault() ?? context.Request.Host.Host;
 
     private static string CreateSubPath(string? path)

Endpoint/Controllers/Configuration/SetupController.cs

@@ -74,9 +74,11 @@ public partial class SetupController(
         Response.Cookies.Append("AuthToken", token, new CookieOptions
         {
             Path = UrlHelper.GetSubPathWithoutFirstApiName + "api",
-            Domain = UrlHelper.CurrentDomain(ControllerContext.HttpContext),
+            Domain = HttpContext.GetCurrentDomain(),
+#if !DEBUG
             Secure = true,
             HttpOnly = true
+#endif
         });
         return Ok(true);
     }

Endpoint/Controllers/V1/AuthController.cs

@@ -30,9 +30,11 @@ public class AuthController(IOptionsSnapshot<Admin> user, AuthService auth, Pass
         {
             Expires = expires,
             Path = UrlHelper.GetSubPathWithoutFirstApiName + "api",
-            Domain = UrlHelper.CurrentDomain(ControllerContext.HttpContext),
+            Domain = HttpContext.GetCurrentDomain(),
+#if !DEBUG
             Secure = true,
             HttpOnly = true
+#endif
         };
 
         Response.Cookies.Append(name, value, cookieOptions);