Fix a bug for secure cookies

src/controllers/web/UserController.kt

@@ -65,7 +65,8 @@ class UserController(
         val expiresAt = JWT.decode(token).expiresAt
         val gmtDate = GMTDate(expiresAt.time)
 
-        call.response.cookies.append(
+        // Bypass ktor secure verification since we are behind a reverse proxy
+        call.response.headers.append("Set-Cookie", renderSetCookieHeader(Cookie(
             name = "Authorization",
             value = "Bearer $token",
             secure = useSecureCookies,
@@ -75,7 +76,8 @@ class UserController(
             extensions = mapOf(
                 "SameSite" to "Lax"
             )
-        )
+        )))
+
         call.respondRedirect("/notes")
     }