From f2e8fd312d49e5d8556ebf45fd8537f917379a22 Mon Sep 17 00:00:00 2001
From: Sven Walter <s.walter@rebuy.com>
Date: Tue, 11 Jul 2023 09:33:19 +0200
Subject: [PATCH] fix strict mode for session cookie

---
 pkg/webutil/auth.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/webutil/auth.go b/pkg/webutil/auth.go
index ac03b99..31ca31f 100644
--- a/pkg/webutil/auth.go
+++ b/pkg/webutil/auth.go
@@ -90,7 +90,7 @@ func (m *authMiddleware) handler(next http.Handler) http.Handler {
 			Expires:  time.Now().Add(7 * 24 * time.Hour), // TODO
 			Secure:   true,
 			HttpOnly: true,
-			SameSite: http.SameSiteStrictMode,
+			SameSite: http.SameSiteLaxMode,
 		}
 		http.SetCookie(w, &cookie)