From da538f759ae8db3d8eecd4c25a7a46eb3fbe27f9 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 29 Jun 2026 03:17:03 +0000
Subject: [PATCH] fix(auth): enable local auth persistence on production
 domains

Bypasses Safari ITP fallback on primary domains where Next.js proxies
Firebase auth traffic, preventing users from being logged out on reload.
---
 vessel/src/lib/firebase.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/vessel/src/lib/firebase.ts b/vessel/src/lib/firebase.ts
index 555cd8382..4ad9653d8 100644
--- a/vessel/src/lib/firebase.ts
+++ b/vessel/src/lib/firebase.ts
@@ -150,6 +150,15 @@ export function isSafariBrowser(userAgent: string | undefined = typeof navigator
 export function shouldUseSessionAuthPersistence(
   userAgent: string | undefined = typeof navigator === 'undefined' ? undefined : navigator.userAgent,
 ): boolean {
+  // If running on a first-party auth domain (bypassing ITP), we can safely use
+  // local persistence without IndexedDB cross-site hanging.
+  if (
+    typeof window !== 'undefined' &&
+    (window.location.hostname === 'ravencalder.com' ||
+      window.location.hostname === 'www.ravencalder.com')
+  ) {
+    return false;
+  }
   if (!userAgent) return false;
 
   // Every iOS browser shell uses WebKit; IndexedDB stalls the same as Safari.