From 8d10a799c4e9c711d136e1f080b741514625b1d5 Mon Sep 17 00:00:00 2001
From: Anirudh Venkatachalam <50367124+anirudhvee@users.noreply.github.com>
Date: Mon, 13 Apr 2026 04:33:09 -0700
Subject: [PATCH] fix: recognize Ollama __Secure-session cookies

---
 .../Providers/Ollama/OllamaUsageFetcher.swift  |  1 +
 .../OllamaUsageFetcherTests.swift              | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift b/Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift
index 815e12b65..d42077fc1 100644
--- a/Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift
+++ b/Sources/CodexBarCore/Providers/Ollama/OllamaUsageFetcher.swift
@@ -9,6 +9,7 @@ import SweetCookieKit
 
 private let ollamaSessionCookieNames: Set<String> = [
     "session",
+    "__Secure-session",
     "ollama_session",
     "__Host-ollama_session",
     "__Secure-next-auth.session-token",
diff --git a/Tests/CodexBarTests/OllamaUsageFetcherTests.swift b/Tests/CodexBarTests/OllamaUsageFetcherTests.swift
index 4a71624a4..01e7e1c39 100644
--- a/Tests/CodexBarTests/OllamaUsageFetcherTests.swift
+++ b/Tests/CodexBarTests/OllamaUsageFetcherTests.swift
@@ -61,6 +61,14 @@ struct OllamaUsageFetcherTests {
         #expect(resolved?.contains("next-auth.session-token.0=abc") == true)
     }
 
+    @Test
+    func `manual mode accepts secure session cookie header`() throws {
+        let resolved = try OllamaUsageFetcher.resolveManualCookieHeader(
+            override: "__Secure-session=abc; theme=dark",
+            manualCookieMode: true)
+        #expect(resolved?.contains("__Secure-session=abc") == true)
+    }
+
     @Test
     func `retry policy retries only for auth errors`() {
         #expect(OllamaUsageFetcher.shouldRetryWithNextCookieCandidate(after: OllamaUsageError.invalidCredentials))
@@ -124,6 +132,16 @@ struct OllamaUsageFetcherTests {
         #expect(selected.sourceLabel == "Profile C")
     }
 
+    @Test
+    func `cookie selector accepts secure session cookie`() throws {
+        let candidate = OllamaCookieImporter.SessionInfo(
+            cookies: [Self.makeCookie(name: "__Secure-session", value: "auth")],
+            sourceLabel: "Profile D")
+
+        let selected = try OllamaCookieImporter.selectSessionInfo(from: [candidate])
+        #expect(selected.sourceLabel == "Profile D")
+    }
+
     @Test
     func `cookie selector keeps recognized candidates in order`() throws {
         let first = OllamaCookieImporter.SessionInfo(