From fa24c72d7f9320bfb7235efc1e415d3e175d6852 Mon Sep 17 00:00:00 2001
From: Vivek <iamcoolvivek007@gmail.com>
Date: Sun, 31 May 2026 07:09:07 +0000
Subject: [PATCH] Fix: secure cookie disabled (Coolify handles HTTPS), fix
 admin password hash

---
 webapp/src/server.js               | 2 +-
 webapp/supabase-FULL-migration.sql | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/webapp/src/server.js b/webapp/src/server.js
index 26889dd..546fbc4 100644
--- a/webapp/src/server.js
+++ b/webapp/src/server.js
@@ -40,7 +40,7 @@ app.use(session({
   secret: config.session.secret,
   resave: false,
   saveUninitialized: false,
-  cookie: { secure: config.nodeEnv === 'production', maxAge: 24 * 60 * 60 * 1000 },
+  cookie: { secure: false, maxAge: 24 * 60 * 60 * 1000 },
 }));
 
 // Make user available to all views
diff --git a/webapp/supabase-FULL-migration.sql b/webapp/supabase-FULL-migration.sql
index 0f31efd..642d640 100644
--- a/webapp/supabase-FULL-migration.sql
+++ b/webapp/supabase-FULL-migration.sql
@@ -113,7 +113,7 @@ CREATE POLICY "open" ON messages FOR ALL USING (true) WITH CHECK (true);
 
 -- 8. SEED ADMIN USER (password: admin123)
 INSERT INTO app_users (username, name, password_hash, role) VALUES
-  ('admin', 'Admin', '$2a$10$8KzaNdKIMyOkASCBFOmKS.VbhOLar0sFAFJcXwauRfMRE8.xOP6Hy', 'admin')
+  ('admin', 'Admin', '$2a$10$LAzb105XOhAqSXm1jMUQue0fp/lrUJBhsLgkobOQTeU.8Jh4rTaoq', 'admin')
 ON CONFLICT (username) DO NOTHING;
 
 -- ============================================================