From 0d131bae58ac0aaf06b84d377b0c3df815b4747f Mon Sep 17 00:00:00 2001
From: WillKirkmanM
Date: Mon, 14 Oct 2024 23:56:47 +0100
Subject: [PATCH] Feat(authentication.rs): Add Secure and No SameSite to Authentication Cookies
---
 crates/backend/src/routes/authentication.rs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/crates/backend/src/routes/authentication.rs b/crates/backend/src/routes/authentication.rs
index 06b8914c..b054f4b7 100644
--- a/crates/backend/src/routes/authentication.rs
+++ b/crates/backend/src/routes/authentication.rs
@@ -116,7 +116,8 @@ pub async fn login(form: web::Json) -> impl Responder {
 if let Err(_) = response.add_cookie(
 &Cookie::build("plm_refreshToken", generated_refresh_token)
 .http_only(true)
- .same_site(SameSite::Lax)
+ .same_site(SameSite::None)
+ .secure(true)
 .path("/")
 .finish(),
 ) {
@@ -127,10 +128,11 @@ pub async fn login(form: web::Json) -> impl Responder {
 message: Some(String::from("Failed to set refresh token cookie")),
 });
 }
-
+
 if let Err(_) = response.add_cookie(
 &Cookie::build("plm_accessToken", generated_access_token)
- .same_site(SameSite::Lax)
+ .same_site(SameSite::None)
+ .secure(true)
 .path("/")
 .finish(),
 ) {
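Review bot: Switching `plm_refreshToken` to `.same_site(SameSite::None)` in the first hunk (`@@ -116,7 +116,8 @@`) removes the browser's cross-site request protection for the cookie, so it is now sent with cross-site POSTs and subresource requests from any origin; the same applies to `plm_accessToken` in the second hunk. No compensating control is visible here, so any endpoint that authenticates from these cookies should validate `Origin` against an allow-list or require a CSRF token, and credentialed CORS should list exact origins. If the frontend and backend are in fact same-site, keeping `SameSite::Lax` alongside `.secure(true)` would retain that protection. Separately, `.secure(true)` means browsers will not store the cookie when it is set over plain HTTP (some exempt localhost), so an HTTP-only deployment would presumably stop logging in; a comment such as `// SameSite=None requires Secure: HTTPS deployment assumed` would record that. The body of `login` starts and ends outside this hunk.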
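Review bot: In the second hunk (`@@ -127,10 +128,11 @@`) `plm_accessToken` is still built without `.http_only(true)`, unlike `plm_refreshToken`, so page script can read it, and with `SameSite::None` it now also travels on every cross-site request. Whether the frontend reads the token from `document.cookie` is not visible here; if it does not, add `.http_only(true)` ahead of `.same_site(SameSite::None)`. If it does, a comment on the builder saying so, e.g. `// intentionally readable by client script: <reason>`, would stop the asymmetry from looking like an oversight. `login` continues past the end of this hunk.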