Program.cs change

ServiceHost/Areas/Admin/Pages/Shared/_Menu.cshtml

@@ -463,7 +463,7 @@
                     </a>
                 </li>
                 <li permission="500">
-                    <a asp-area="AdminNew" asp-page="/Company/MonthlyOverview/Index" class="waves-effect btnWorkFlow" style="display: flex;align-items: center;justify-content: space-between;">
+                    <a href="https://admin.dad-mehr.ir/admin/monthly-overview" class="waves-effect btnWorkFlow" style="display: flex;align-items: center;justify-content: space-between;">
                         <div class="menuTitle">
                             <i class="md md-home"></i>
                             <span> بررسی امور ماهانه </span>

ServiceHost/Areas/AdminNew/Pages/Shared/_Menu.cshtml

@@ -611,7 +611,7 @@
                         </a>
                     </li>
                     <li permission="500">
-                        <a asp-area="AdminNew" asp-page="/Company/MonthlyOverview/Index" class="waves-effect btnWorkFlow">
+                        <a href="https://admin.dad-mehr.ir/admin/monthly-overview" class="waves-effect btnWorkFlow">
                             <div class="menuTitle">
                                 <i class="md md-home"></i>
                                 <span> بررسی امور ماهانه </span>

ServiceHost/Program.cs

@@ -91,9 +91,19 @@ builder.Services.Configure<FormOptions>(options =>
 builder.Services.Configure<CookiePolicyOptions>(options =>
 {
     options.CheckConsentNeeded = context => true;
-    options.MinimumSameSitePolicy = SameSiteMode.Strict;
+    //options.MinimumSameSitePolicy = SameSiteMode.Strict;
 });
 
+builder.Services.ConfigureApplicationCookie(options =>
+{
+    //options.Cookie.Name = "GozarAuth";
+    options.Cookie.HttpOnly = true;
+    options.Cookie.SameSite = SameSiteMode.None; // مهم ✅
+    options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // فقط روی HTTPS کار می‌کنه ✅
+    options.Cookie.Domain = ".dad-mehr.ir"; // دامنه مشترک بین پدر و ساب‌دامین‌ها ✅
+});
+
+
 builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
     .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, o =>
     {
@@ -244,13 +254,20 @@ builder.Services.AddSwaggerGen(options =>
 
 builder.Services.AddCors(options =>
 {
-	options.AddPolicy("AllowSpecificOrigins", policy =>
-	{
-		policy.WithOrigins("http://localhost:3000", "http://localhost:3001", "https://gozareshgir.ir", "https://dad-mehr.ir")
-			.AllowAnyHeader()
-			.AllowAnyMethod()
-			.AllowCredentials();
-	});
+    options.AddPolicy("AllowSpecificOrigins", policy =>
+    {
+        policy.WithOrigins(
+                "http://localhost:3000",
+                "http://localhost:3001",
+                "https://gozareshgir.ir",
+                "https://dad-mehr.ir",
+                "https://admin.dad-mehr.ir",
+                "https://admin.gozareshgir.ir"
+            )
+            .AllowAnyHeader()
+            .AllowAnyMethod()
+            .AllowCredentials();
+    });
 });
 
 //builder.Services.AddCors(options =>
@@ -275,7 +292,7 @@ builder.Services.AddExceptionHandler<CustomExceptionHandler>();
 
 var app = builder.Build();
 
-app.UseCors("AllowSpecificOrigins");
+
 
 #region Mahan
 
@@ -323,6 +340,7 @@ app.UseStaticFiles();
 app.UseCookiePolicy();
 
 app.UseRouting();
+app.UseCors("AllowSpecificOrigins");
 
 app.UseAuthorization();