diff --git a/app/api/auth/[...nextauth]/route.ts b/app/api/auth/[...nextauth]/route.ts
index e98a4394..6d92f83d 100644
--- a/app/api/auth/[...nextauth]/route.ts
+++ b/app/api/auth/[...nextauth]/route.ts
@@ -60,30 +60,36 @@ export const authOptions: NextAuthOptions = {
 },
 cookies: {
 sessionToken: {
- name: `__Secure-next-auth.session-token`,
+ name: process.env.NODE_ENV === 'production'
+ ? `__Secure-next-auth.session-token`
+ : `next-auth.session-token`,
 options: {
 httpOnly: true,
 sameSite: 'lax',
 path: '/',
- secure: true
+ secure: process.env.NODE_ENV === 'production'
 }
 },
 callbackUrl: {
- name: `__Secure-next-auth.callback-url`,
+ name: process.env.NODE_ENV === 'production'
+ ? `__Secure-next-auth.callback-url`
+ : `next-auth.callback-url`,
 options: {
 httpOnly: true,
 sameSite: 'lax',
 path: '/',
- secure: true
+ secure: process.env.NODE_ENV === 'production'
 }
 },
 csrfToken: {
- name: `__Host-next-auth.csrf-token`,
+ name: process.env.NODE_ENV === 'production'
+ ? `__Host-next-auth.csrf-token`
+ : `next-auth.csrf-token`,
 options: {
 httpOnly: true,
 sameSite: 'lax',
 path: '/',
- secure: true
+ secure: process.env.NODE_ENV === 'production'
 }
 }
 },
diff --git a/middleware.ts b/middleware.ts
index 0e16f91c..42e19583 100644
--- a/middleware.ts
+++ b/middleware.ts
@@ -3,8 +3,14 @@ import { NextResponse } from "next/server";
 export default withAuth(
 function middleware(req) {
- // Allow access to the root path and signin page
- if (req.nextUrl.pathname === "/" || req.nextUrl.pathname === "/signin") {
+ // Allow access to public paths
+ if (
+ req.nextUrl.pathname === "/" ||
+ req.nextUrl.pathname === "/signin" ||
+ req.nextUrl.pathname.startsWith("/_next") ||
+ req.nextUrl.pathname.startsWith("/api/auth") ||
+ req.nextUrl.pathname.startsWith("/public")
+ ) {
 return NextResponse.next();
 }
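Review bot: The `secure` flag and the `__Secure-`/`__Host-` name prefixes are now keyed to `NODE_ENV === 'production'` rather than to whether the site is actually served over HTTPS, so any non-production deployment reached over HTTPS (staging, preview) sets the session, callback and CSRF cookies without `Secure` and the CSRF cookie loses its `__Host-` protection. Consider deriving one constant from the configured site URL and using it for all six comparisons in the hunk, e.g. `const useSecureCookies = process.env.NEXTAUTH_URL?.startsWith('https://') ?? process.env.NODE_ENV === 'production';`, so the cookie name and its `secure` option can never disagree and the condition is evaluated once. The `__Host-` name continues to depend on `path: '/'` and no `domain` being set, which the hunk preserves. `authOptions` begins before this hunk.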
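Review bot: The new allowlist in `middleware` uses bare `startsWith` prefixes, so any route whose path merely begins with `/public`, `/_next` or `/api/auth` (a future `/publications` page, for instance) is also treated as public and skips the token check; the identical list is duplicated in the `authorized` callback in the next hunk. Anchoring each prefix on a path-segment boundary and sharing one predicate between `middleware` and `authorized` keeps the two allowlists from drifting apart, as sketched below. Whether `/_next` needs to be listed at all depends on the `config.matcher` exported from this file, which is not visible in the diff. The enclosing `withAuth(...)` call continues past the end of this hunk.
```typescript
// Paths that never require a session; a prefix only matches at a segment boundary.
const PUBLIC_PREFIXES = ["/_next", "/api/auth", "/public"] as const;

function isPublicPath(pathname: string): boolean {
  if (pathname === "/" || pathname === "/signin") return true;
  return PUBLIC_PREFIXES.some((p) => pathname === p || pathname.startsWith(`${p}/`));
}

export default withAuth(
  function middleware(req) {
    if (isPublicPath(req.nextUrl.pathname)) {
      return NextResponse.next();
    }
    // … unchanged: remainder of middleware; `authorized` below should call isPublicPath too …
```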
@@ -14,17 +20,17 @@ export default withAuth(
 {
 callbacks: {
 authorized: ({ token, req }) => {
- // Allow access to the root path and signin page
- if (req.nextUrl.pathname === "/" || req.nextUrl.pathname === "/signin") {
+ // Allow access to public paths
+ if (
+ req.nextUrl.pathname === "/" ||
+ req.nextUrl.pathname === "/signin" ||
+ req.nextUrl.pathname.startsWith("/_next") ||
+ req.nextUrl.pathname.startsWith("/api/auth") ||
+ req.nextUrl.pathname.startsWith("/public")
+ ) {
 return true;
 }
- // Check if the request is for an API route
- if (req.nextUrl.pathname.startsWith('/api/')) {
- // For API routes, require a valid token
- return !!token;
- }
-
 // For all other routes, require a valid token
 return !!token;
 },