it was a middleware issue I added the secureCookie line and it works now : `const token = await getToken({

req: request,

secret: process.env.AUTH_SECRET,


secureCookie: process.env.NODE_ENV === "production", // Forces secure cookies in production

});`