From d6a7b503ff4571b1291a55a569add3374f5e2d5b Mon Sep 17 00:00:00 2001
From: Elias Schneider <login@eliasschneider.com>
Date: Sat, 3 Jan 2026 23:46:44 +0100
Subject: [PATCH] fix: invalid cookie name for email login code device token

---
 backend/internal/utils/cookie/cookie_names.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/internal/utils/cookie/cookie_names.go b/backend/internal/utils/cookie/cookie_names.go
index a0799911..73acdf13 100644
--- a/backend/internal/utils/cookie/cookie_names.go
+++ b/backend/internal/utils/cookie/cookie_names.go
@@ -8,7 +8,7 @@ import (
 
 var AccessTokenCookieName = "__Host-access_token"
 var SessionIdCookieName = "__Host-session"
-var DeviceTokenCookieName = "__Host-device_token" //nolint:gosec
+var DeviceTokenCookieName = "__Secure-device_token" //nolint:gosec
 
 func init() {
 	if strings.HasPrefix(common.EnvConfig.AppURL, "http://") {