From 081ebec567ba1588ce602c79458c32238070ea87 Mon Sep 17 00:00:00 2001
From: Marc Mintel <marc@mintel.me>
Date: Thu, 12 Feb 2026 17:05:03 +0100
Subject: [PATCH] fix(infra): forward Cookie header to gatekeeper for session
 verification

---
 docker-compose.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index ef3e99f..ab52b0b 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -31,7 +31,7 @@ services:
 
       - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.address=http://${PROJECT_NAME}-gatekeeper:3000/gatekeeper/api/verify"
       - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.trustForwardHeader=true"
-      - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authRequestHeaders=Host,X-Forwarded-Host,X-Forwarded-Proto,X-Forwarded-For"
+      - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authRequestHeaders=Host,X-Forwarded-Host,X-Forwarded-Proto,X-Forwarded-For,Cookie"
       - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authResponseHeaders=X-Auth-User"
     healthcheck:
       test: [ "CMD", "node", "-e", "fetch('http://127.0.0.1:3000/api/health').then(r => r.ok ? process.exit(0) : process.exit(1)).catch(() => process.exit(1))" ]