Amplify gives "No current user" only in Safari?

Question

Context: I'm using Amplify for authentication in a static site that is composed of 2 sites frankensteined together by building Website A, putting it into an S3 bucket and the building website B and placing its build files within a subfolder of that S3 bucket. It then hosts perfectly fine, the only hitch being that to navigate between the sites, I can't use the Router of website A because at build time it doesn't know Website B exists, so to direct users toward website B I have to use window.location.assign(SAME_DOMAIN/v2/website_B).

Expected Result: I can navigate to the other site in Chrome, Safari, Firefox, etc.

Actual Result: I can navigate to the other site in Chrome, Firefox, Opera. In Safari, when I try to navigate to the other site, Amplify.currentSession() returns an error "Can't get current user" so the website naturally redirects me back to sign-in. Having checked storage, it seems to be wiping away the Amplify credentials(whether I keep them in localStorage or cookies). Another weird behaviour is that if I type in the URL manually, it navigates me there no problem, but I've tried window.location.replace, window.location.assign, document.location.replace, etc. and nothing works.

Amplify Config

auth: {
    region: "eu-west-2",
    userPoolId: "eu-west-2_XXXXXXXX",
    userPoolWebClientId: "XXXXXXXXXXXXXXXXXXXXXX",
    cookieStorage: {
      domain: "XXX.XXXXX.com",
      path: "/",
      expires: 365,
      secure: true,
    },
  },

Answer 1

Safari seems more inflexible than other browsers when handling cookies, whenever amplify auth is used with secure: true on a page served by HTTP (as often the case when on dev computer), it fails with "No current user". Served over HTTPS, all is fine.

See this GH issue on the same subject.

Solution we settled on is to tie secure property to development env:

secure: process.env.NODE_ENV !== "development"