captcha string instead of mongoid class fixes json cookie issue for nginx

models/pages/captcha.js

@@ -23,9 +23,10 @@ module.exports = async (req, res, next) => {
 	}
 
 	return res
-		.cookie('captchaid', captchaId, {
+		.cookie('captchaid', captchaId.toString(), {
 			'maxAge': 5*60*1000, //5 minute cookie
-			'httpOnly': true
+			'httpOnly': true,
+			'secure': true
 		})
 		.redirect(`/captcha/${captchaId}.png`);