fix: change SameSite cookie attribute from 'strict' to 'lax' for better compatibility

This commit is contained in:
Marco Pedone 2025-08-25 12:33:29 +02:00
parent 8d6eeb49c5
commit 39f6cdfdbd
2 changed files with 2 additions and 2 deletions

View file

@ -140,7 +140,7 @@ const refreshAuthToken = async (
response.cookies.set(ACCESS_TOKEN_COOKIE_NAME, newAccessToken, { response.cookies.set(ACCESS_TOKEN_COOKIE_NAME, newAccessToken, {
httpOnly: true, httpOnly: true,
secure: env.NODE_ENV === "production", secure: env.NODE_ENV === "production",
sameSite: "strict", sameSite: "lax",
path: "/", path: "/",
expires: add(new Date(), { hours: 1 }), expires: add(new Date(), { hours: 1 }),
}); });

View file

@ -29,7 +29,7 @@ import {
const cookieOptions: OptionsType = { const cookieOptions: OptionsType = {
httpOnly: true, httpOnly: true,
secure: env.NODE_ENV === "production", secure: env.NODE_ENV === "production",
sameSite: "strict", sameSite: "lax",
path: "/", path: "/",
}; };