My csrf token refreshes every time the app boots on my vapor app

I just deployed an application using docker to vapor. The app is up but I am never able to persist a session because when I log csrf_token() method in my service provider boot method, every time a request gets through and the app gets booted it's a new csrf token. I have searched for days why this could happen but haven't gotten any explanation. Any help would be appreciated.

I have set the SESSION_LIFETIME variable on the .env but it does not change anything