From 32550377aab4b153106e21fd49a1f217cae95666 Mon Sep 17 00:00:00 2001
From: Marcel Raddatz <marcel@raddatz.cloud>
Date: Thu, 2 Apr 2026 13:57:34 +0200
Subject: [PATCH] fix(auth): read JSESSIONID cookie to match Spring Security
 default

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 frontend/src/hooks.server.test.ts | 5 ++++-
 frontend/src/hooks.server.ts      | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/frontend/src/hooks.server.test.ts b/frontend/src/hooks.server.test.ts
index 3601f49..b27342e 100644
--- a/frontend/src/hooks.server.test.ts
+++ b/frontend/src/hooks.server.test.ts
@@ -25,7 +25,10 @@ describe('auth guard (hooks.server.ts handle)', () => {
 		const event = {
 			url: new URL(`http://localhost${pathname}`),
 			cookies: {
-				get: vi.fn().mockReturnValue(cookie)
+				get: vi.fn().mockImplementation((name: string) => {
+					if (name === 'JSESSIONID') return cookie;
+					return undefined;
+				})
 			},
 			locals: {} as any,
 			fetch: vi.fn()
diff --git a/frontend/src/hooks.server.ts b/frontend/src/hooks.server.ts
index 9150df4..afa1868 100644
--- a/frontend/src/hooks.server.ts
+++ b/frontend/src/hooks.server.ts
@@ -23,7 +23,7 @@ export const handle: Handle = async ({ event, resolve }) => {
 		return resolve(event);
 	}
 
-	const sessionCookie = event.cookies.get('session');
+	const sessionCookie = event.cookies.get('JSESSIONID');
 	if (!sessionCookie) {
 		loginRedirect(event.url.pathname);
 	}