Conditionally setting a cookie help

Hi All,

I’m having trouble setting a cookie conditionally based upon
an upstream variable The hope is to cache an auth token in an
encrypted session and only go to the backend auth token generator once.

I have something like this but it seems set-cookie happens no matter
so I alternate between ‘my_login=1848430=’ and ‘my_login=’.

location = /auth {
    set_decode_base32 $b32 $cookie_my_login;
    set_decrypt_session $auth_tok $b32;

    if ($auth_tok != '') {
        return 200;

    include        fastcgi_params;
    fastcgi_pass   unix:/tmp/fcgi_auth_tok_gen.sock;

location / {
    root   /var/www;
    index  index.html index.htm;

    auth_request /auth;
    auth_request_set $new_auth_tok $upstream_http_auth_tok;

    if ($new_auth_tok != false) {
        set_encrypt_session $enc_auth_tok $new_auth_tok;
        set_encode_base32 $b32 $enc_auth_tok;
        add_header Set-Cookie 'my_login=$b32';