login through iframe

hooks/useUser.ts

@@ -79,19 +79,21 @@ export const useUser = (initialData?: {
           const expiresDate = new Date();
           expiresDate.setTime(expiresDate.getTime() + expiresIn * 1000);
           
+          const isProduction = window.location.protocol === 'https:';
+          
           const cookieOptions: any = {
             expires: expiresDate,
             path: '/',
-            sameSite: 'lax',
+            sameSite: isProduction ? 'none' : 'lax',
           };
           
-          if (window.location.protocol === 'https:') {
+          if (isProduction) {
             cookieOptions.secure = true;
           }
           
           setToken(res.data.access_token, cookieOptions);
           
-          const cookieString = `${MY_TOKEN_KEY()}=${res.data.access_token}; path=/; max-age=${expiresIn}; samesite=lax${cookieOptions.secure ? '; secure' : ''}`;
+          const cookieString = `${MY_TOKEN_KEY()}=${res.data.access_token}; path=/; max-age=${expiresIn}; samesite=${isProduction ? 'none' : 'lax'}${cookieOptions.secure ? '; secure' : ''}`;
           document.cookie = cookieString;
           
           refetchMe();

lib/seo.ts

@@ -74,8 +74,6 @@ export function generateSEO({
       creator: "@deepsite",
     },
     other: {
-      // Prevent iframe embedding from unauthorized domains
-      'X-Frame-Options': 'SAMEORIGIN',
       // Control how the page appears when shared
       'og:image:secure_url': `${baseUrl}${image}`,
       // Help search engines understand the primary URL