lax > strict

dikaio · Sep 17, 2024 · 5cc9d77 · 5cc9d77
1 parent f146d69
commit 5cc9d77
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/lib/auth/session.ts b/lib/auth/session.ts
@@ -53,7 +53,7 @@ export async function setSession(user: NewUser) {
   cookies().set('session', encryptedSession, {
     expires: expiresInOneDay,
     httpOnly: true,
-    secure: true, // Only over HTTPS
-    sameSite: 'strict', // Prevent CSRF
+    secure: true,
+    sameSite: 'lax',
   });
 }
diff --git a/middleware.ts b/middleware.ts
@@ -28,7 +28,7 @@ export async function middleware(request: NextRequest) {
         }),
         httpOnly: true,
         secure: true,
-        sameSite: 'strict',
+        sameSite: 'lax',
         expires: expiresInOneDay,
       });
     } catch (error) {