diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..1359430
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,9 @@
+## Description of the Problem / Feature
+
+## Explanation of the solution
+
+## Instructions on making this work
+
+## Describe environment variable changes
+
+## Preview of changes
diff --git a/.github/workflows/analyze.yaml b/.github/workflows/analyze.yaml
new file mode 100644
index 0000000..53ee6e4
--- /dev/null
+++ b/.github/workflows/analyze.yaml
@@ -0,0 +1,34 @@
+name: Analyze Bundle
+
+on: [push]
+
+jobs:
+    analyze_bundle:
+        runs-on: ubuntu-16gb
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+            - uses: actions/setup-node@v4
+              with:
+                  node-version-file: ".nvmrc"
+                  cache: "npm"
+
+            # Maybe unnecessary, but prevents this job from racing to set the cache key
+            # with the test workflow
+            - uses: actions/cache/restore@v4
+              id: cache-modules
+              with:
+                  path: node_modules
+                  key: modules-${{ hashFiles('package-lock.json')}}
+
+            # If no full node_modules hit, install and prefer global package cache.
+            - if: steps.cache-modules.outputs.cache-hit != 'true'
+              run: npm ci --prefer-offline --no-audit
+
+            - run: npm run analyze
+
+            - name: Archive bundle analysis
+              uses: actions/upload-artifact@v3
+              with:
+                  name: bundle-analysis.zip
+                  path: .next/analyze/*.html
diff --git a/src/apis/queries.tsx b/src/apis/queries.tsx
index dedf40e..129106a 100644
--- a/src/apis/queries.tsx
+++ b/src/apis/queries.tsx
@@ -4,6 +4,7 @@ import { DoiRecord } from "./types";
 export async function getDois() {
   const response = await fetch(`${NODES_API_URL}/v1/admin/doi/list`, {
     credentials: "include",
+    mode: "cors",
   });
 
   const data = (await response.json()) as
diff --git a/src/app/actions.tsx b/src/app/actions.tsx
index e497665..a2843d0 100644
--- a/src/app/actions.tsx
+++ b/src/app/actions.tsx
@@ -32,7 +32,31 @@ export async function login(prevState: any, formData: FormData) {
 
   if (response.ok && response.user) {
     // Set cookie
-    cookies().set(AUTH_COOKIE_FIELDNAME, response.user.token);
+    cookies().set(AUTH_COOKIE_FIELDNAME, response.user.token, {
+      path: "/",
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 30 * 1), // 1 month
+      httpOnly: true,
+      secure: process.env.NEXT_ENV === "production",
+      domain: process.env.NODE_ENV === "production" ? ".desci.com" : undefined,
+    });
+
+    if (process.env.NEXT_ENV === "production") {
+      cookies().set(AUTH_COOKIE_FIELDNAME, response.user.token, {
+        path: "/",
+        expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 30 * 1), // 1 month
+        httpOnly: true,
+        secure: true,
+        domain: "nodes.desci.com",
+      });
+      cookies().set(AUTH_COOKIE_FIELDNAME, response.user.token, {
+        path: "/",
+        expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 30 * 1), // 1 month
+        httpOnly: true,
+        secure: true,
+        domain: ".desci.com",
+      });
+    }
+
     redirect(`/`);
   }