From 4968c49318a73bddd6a09c7f10e9afe59a51fb15 Mon Sep 17 00:00:00 2001
From: Abhishek Shroff <shroff@kudosoft.net>
Date: Mon, 28 Apr 2025 23:08:39 +0530
Subject: [PATCH] [server] Set same site cookie

---
 server/internal/api/v1/auth/routes.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/internal/api/v1/auth/routes.go b/server/internal/api/v1/auth/routes.go
index 7ff5c28c..e1a6d0b9 100644
--- a/server/internal/api/v1/auth/routes.go
+++ b/server/internal/api/v1/auth/routes.go
@@ -61,5 +61,6 @@ func handleSetCookie(c *gin.Context) {
 		panic(errors.NewError(http.StatusBadRequest, "missing_token", "Auth Token Not Specified"))
 	}
 	secure := c.Request.URL.Scheme == "https"
+	c.SetSameSite(http.SameSiteStrictMode)
 	c.SetCookie("auth_token", token, 3600, "", c.Request.URL.Hostname(), secure, true)
 }