diff --git a/apps/web/.env.test b/apps/web/.env.test
index a0696e836..1c9821b54 100644
--- a/apps/web/.env.test
+++ b/apps/web/.env.test
@@ -1,5 +1,6 @@
 PORT=3002
 NEXT_PUBLIC_BASE_URL=http://localhost:3002
+AUTH_URL=http://localhost:3002
 SECRET_PASSWORD=abcdef1234567890abcdef1234567890
 DATABASE_URL=postgres://postgres:postgres@localhost:5450/rallly
 SUPPORT_EMAIL=support@rallly.co
diff --git a/apps/web/src/auth/legacy/next-auth-cookie-migration.ts b/apps/web/src/auth/legacy/next-auth-cookie-migration.ts
index ee53c9223..288eae256 100644
--- a/apps/web/src/auth/legacy/next-auth-cookie-migration.ts
+++ b/apps/web/src/auth/legacy/next-auth-cookie-migration.ts
@@ -60,6 +60,7 @@ export function withAuthMigration(
         res.cookies.set(newCookieName, encodedCookie, {
           httpOnly: true,
           secure: isSecureCookie,
+          expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 7),
           sameSite: "lax",
           path: "/",
         });
diff --git a/apps/web/tests/helpers/next-auth-v4.ts b/apps/web/tests/helpers/next-auth-v4.ts
index a2fbdd59c..90a07c25c 100644
--- a/apps/web/tests/helpers/next-auth-v4.ts
+++ b/apps/web/tests/helpers/next-auth-v4.ts
@@ -1,5 +1,4 @@
 import hkdf from "@panva/hkdf";
-import { nanoid } from "@rallly/utils/nanoid";
 import { EncryptJWT } from "jose";
 import type { JWT } from "next-auth/jwt";
 
@@ -32,6 +31,6 @@ export async function encode(params: JWTEncodeParams) {
     .setProtectedHeader({ alg: "dir", enc: "A256GCM" })
     .setIssuedAt()
     .setExpirationTime(now() + maxAge)
-    .setJti(nanoid())
+    .setJti("some-random-id")
     .encrypt(encryptionSecret);
 }
diff --git a/apps/web/tests/next-auth-migration.spec.ts b/apps/web/tests/next-auth-migration.spec.ts
index 49558560e..1299a0a23 100644
--- a/apps/web/tests/next-auth-migration.spec.ts
+++ b/apps/web/tests/next-auth-migration.spec.ts
@@ -1,6 +1,5 @@
 import { expect, test } from "@playwright/test";
 import { prisma } from "@rallly/database";
-import { nanoid } from "@rallly/utils/nanoid";
 
 import { encode } from "./helpers/next-auth-v4";
 
@@ -12,8 +11,8 @@ test.describe.serial(() => {
       data: {
         id: "legacy-guest-poll",
         title: "Test Poll",
-        adminUrlId: nanoid(),
-        participantUrlId: nanoid(),
+        adminUrlId: "admin-url-id",
+        participantUrlId: "participant-url-id",
         guestId: legacyGuestId,
       },
     });
@@ -28,7 +27,7 @@ test.describe.serial(() => {
 
   test("should see poll on login page", async ({ page }) => {
     const context = page.context();
-    const token = await encode({
+    const legacyToken = await encode({
       token: {
         sub: legacyGuestId,
       },
@@ -39,15 +38,19 @@ test.describe.serial(() => {
     await context.addCookies([
       {
         name: "next-auth.session-token",
-        value: token,
+        value: legacyToken,
         httpOnly: true,
+        expires: Date.now() / 1000 + 60 * 60 * 24 * 7,
         secure: false,
         sameSite: "Lax",
-        path: "/",
         domain: "localhost",
+        path: "/",
       },
     ]);
-    await page.goto("/login");
+
+    await page.goto("/");
+
+    // Check if the poll title exists in the page content
     await expect(page.getByText("Test Poll")).toBeVisible();
   });
 });