From 05cc17d4af486f3ee7ab5da42a0d2934b0678d21 Mon Sep 17 00:00:00 2001
From: Hernan Alvarado <hernanvid123@gmail.com>
Date: Tue, 3 Mar 2026 13:59:16 -0500
Subject: [PATCH] perf(core): precompute cookie store for request handling

---
 packages/core/src/index.ts | 19 ++++++-------------
 1 file changed, 6 insertions(+), 13 deletions(-)

diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts
index dd401b9..c8de6f1 100644
--- a/packages/core/src/index.ts
+++ b/packages/core/src/index.ts
@@ -33,18 +33,17 @@ const createInternalConfig = (authConfig?: AuthConfig): RouterConfig => {
     const useProxyHeaders =
         trustedProxyHeadersEnv === undefined ? (authConfig?.trustedProxyHeaders ?? false) : getEnvBoolean("TRUSTED_PROXY_HEADERS")
     const logger = createProxyLogger(authConfig)
+    const cookiePrefix = authConfig?.cookies?.prefix
+    const cookieOverrides = authConfig?.cookies?.overrides ?? {}
+    const secureCookieStore = createCookieStore(true, cookiePrefix, cookieOverrides, logger)
+    const standardCookieStore = createCookieStore(false, cookiePrefix, cookieOverrides, logger)
 
     return {
         basePath: authConfig?.basePath ?? "/auth",
         onError: createErrorHandler(logger),
         context: {
             oauth: createBuiltInOAuthProviders(authConfig?.oauth),
-            cookies: createCookieStore(
-                useProxyHeaders,
-                authConfig?.cookies?.prefix,
-                authConfig?.cookies?.overrides ?? {},
-                logger
-            ),
+            cookies: standardCookieStore,
             jose: createJoseInstance(authConfig?.secret),
             secret: authConfig?.secret,
             basePath: authConfig?.basePath ?? "/auth",
@@ -56,13 +55,7 @@ const createInternalConfig = (authConfig?: AuthConfig): RouterConfig => {
         use: [
             (ctx) => {
                 const useSecure = useSecureCookies(ctx.request, ctx.context.trustedProxyHeaders)
-                const cookies = createCookieStore(
-                    useSecure,
-                    authConfig?.cookies?.prefix,
-                    authConfig?.cookies?.overrides ?? {},
-                    logger
-                )
-                ctx.context.cookies = cookies
+                ctx.context.cookies = useSecure ? secureCookieStore : standardCookieStore
                 return ctx
             },
         ],