User not authenticated in subsequent requests using session auth

[Albinch]

Hi ! I am experiencing an issue with session cookies being sent in subsequent requests but my user cannot be authenticated using AdonisJS with session authentication. Here is the detailed setup and the problem I am facing:

**Setup : **

Front-end (Next.js):
LoginForm Component:

"use client";
import { redirect } from 'next/navigation';

export default function LoginForm() {
    const loginUser = async (formData) => {
        const email = formData.get('email');
        const password = formData.get('password');

        const body = {
            email: email,
            password: password
        }

        await fetch('http://127.0.0.1:3333/auth/signin', {
            method: 'POST',
            headers: {
                "Content-Type": "application/json"
            },
            body: JSON.stringify(body),
            credentials: 'include'
        })
        .then(response => {
            if (response.status === 200)
                redirect('/team');
        });
    }

    return (
        <form action={loginUser}>
            <span>
                <label htmlFor="email">Email:</label>
                <input type="email" name="email" id="emailInput" />
            </span>
            <span>
                <label htmlFor="password">Password:</label>
                <input type="password" name="password" id="passwordInput" />
            </span>
            <span>
                <button type="submit">Login</button>
            </span>
        </form>
    )
}

Test Component:

"use client";
import { useEffect, useState } from "react";
import ContentLayout from "../components/layouts/ContentLayout";
import { PlayerTable } from "../components/player/PlayerTable";
import { Player } from "../types/Player";

export default function Test() {

    useEffect(() => {
        fetch('http://127.0.0.1:3333/auth', {
            method: 'GET',
            credentials: 'include'
        })
        .then(response => response.json())
        .then(data => console.log(data));
    }, []);

    return (
         <>
         </>
    )
}

Back-end (AdonisJS):

session.ts Configuration:

import { sessionConfig } from '@adonisjs/session/build/config';
import Env from '@ioc:Adonis/Core/Env';
import Application from '@ioc:Adonis/Core/Application';

export default sessionConfig({
    enabled: true,
    driver: Env.get('SESSION_DRIVER'),
    cookieName: 'adonis-session',
    clearWithBrowser: false,
    age: '2h',
    cookie: {
        path: '/',
        httpOnly: true,
        sameSite: false,
    },
    file: {
        location: Application.tmpPath('sessions'),
    },
    redisConnection: 'local',
});

cors.ts Configuration:

import type { CorsConfig } from '@ioc:Adonis/Core/Cors';

const corsConfig: CorsConfig = {
    enabled: true,
    origin: true,
    methods: ['GET', 'HEAD', 'POST', 'PUT', 'DELETE'],
    headers: true,
    exposeHeaders: [
        'cache-control',
        'content-language',
        'content-type',
        'expires',
        'last-modified',
        'pragma',
    ],
    credentials: true,
    maxAge: 90,
};

export default corsConfig;

Login Route:

import Route from '@ioc:Adonis/Core/Route';
import Hash from '@ioc:Adonis/Core/Hash';

Route.post('/auth/signin', async ({ request, response, auth }) => {
    const { email, password } = await request.all();

    try {
        await auth.attempt(email, password);
    } catch (error) {
        return response.status(400).json({ message: error.message }); 
    }
})

Test Route :

Route.get('/auth', async ({ request, response, auth }) => {
    console.log(request.headers());
    await auth.check();
    return response.json(auth.user);
});

Problem:

After logging in, the session cookie is set correctly, as shown in the response headers:

Set-Cookie: adonis-session=s%3AeyJtZXNzYWdlIjoiY2x5NjhlMnozMDAwbHpnNGZhcDZrOW53bSIsInB1cnBvc2UiOiJhZG9uaXMtc2Vzc2lvbiJ9.9UvYwoIEesoBAYaLDo2_VBgh1Yw5UhU52du8BWEp-XI; Max-Age=7200; Path=/; HttpOnly; SameSite=None

However, when making a subsequent GET request to /auth, the cookie is sent in the request headers, but the session is not recognized on the server-side:

Cookie: adonis-session=s%3AeyJtZXNzYWdlIjoiY2x5NjhlMnozMDAwbHpnNGZhcDZrOW53bSIsInB1cnBvc2UiOiJhZG9uaXMtc2Vzc2lvbiJ9.9UvYwoIEesoBAYaLDo2_VBgh1Yw5UhU52du8BWEp-XI

The session cookie is present in the request headers, but auth.check() fails to authenticate the user.

Questions :

Is there a potential issue with how auth.check() handles the session cookie?
Are there any additional configurations or middleware setups required to ensure the session is recognized in subsequent requests?

Thank you for your help and support!