From 320e724ac830612ae33086164f217eace6bcd62f Mon Sep 17 00:00:00 2001
From: lashman
Date: Sat, 21 Mar 2026 23:37:04 +0200
Subject: [PATCH] switch all cookies from sameSite strict to lax for proxy compatibility
---
 packages/api/src/routes/admin/auth.ts | 8 ++++----
 packages/api/src/routes/admin/team.ts | 6 +++---
 packages/api/src/routes/identity.ts | 2 +-
 packages/api/src/routes/passkey.ts | 2 +-
 packages/api/src/routes/recovery.ts | 2 +-
 5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/packages/api/src/routes/admin/auth.ts b/packages/api/src/routes/admin/auth.ts
index df967ea..192ae96 100644
--- a/packages/api/src/routes/admin/auth.ts
+++ b/packages/api/src/routes/admin/auth.ts
@@ -89,12 +89,12 @@ export default async function adminAuthRoutes(app: FastifyInstance) {
 reply
 .setCookie("echoboard_admin", adminToken, {
- path: "/", httpOnly: true, sameSite: "strict",
+ path: "/", httpOnly: true, sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 4,
 })
 .setCookie("echoboard_passkey", userToken, {
- path: "/", httpOnly: true, sameSite: "strict",
+ path: "/", httpOnly: true, sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 4,
 })
@@ -151,14 +151,14 @@ export default async function adminAuthRoutes(app: FastifyInstance) {
 .setCookie("echoboard_admin", adminToken, {
 path: "/",
 httpOnly: true,
- sameSite: "strict",
+ sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 4,
 })
 .setCookie("echoboard_passkey", userToken, {
 path: "/",
 httpOnly: true,
- sameSite: "strict",
+ sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 4,
 })
diff --git a/packages/api/src/routes/admin/team.ts b/packages/api/src/routes/admin/team.ts
index 67c6cfd..9d30fb9 100644
--- a/packages/api/src/routes/admin/team.ts
+++ b/packages/api/src/routes/admin/team.ts
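Review bot: In packages/api/src/routes/admin/auth.ts (hunk at -89) the `echoboard_admin` cookie is relaxed to `sameSite: "lax"` along with the user cookies, so the admin token now accompanies top-level cross-site GET navigations; every state-changing admin route therefore has to be non-GET or carry its own CSRF/Origin check, and neither is visible in this hunk. If only one flow broke behind the proxy (presumably a cross-site redirect or link into the app), consider keeping the admin cookie on `"strict"` and relaxing only the cookie that flow needs. The same applies to the second hunk of this file and to the hunks in admin/team.ts, identity.ts, passkey.ts and recovery.ts. The reason currently lives only in the commit subject; a comment next to the option, e.g. `// lax: <deployment reason>; CSRF protection relies on <mechanism>`, would keep it with the code. adminAuthRoutes starts and ends outside the hunk.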
@@ -338,17 +338,17 @@ export default async function adminTeamRoutes(app: FastifyInstance) {
 reply
 .setCookie("echoboard_token", sessionToken, {
- path: "/", httpOnly: true, sameSite: "strict",
+ path: "/", httpOnly: true, sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24 * 90,
 })
 .setCookie("echoboard_admin", adminJwt, {
- path: "/", httpOnly: true, sameSite: "strict",
+ path: "/", httpOnly: true, sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24,
 })
 .setCookie("echoboard_passkey", userJwt, {
- path: "/", httpOnly: true, sameSite: "strict",
+ path: "/", httpOnly: true, sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24,
 })
diff --git a/packages/api/src/routes/identity.ts b/packages/api/src/routes/identity.ts
index dea0bc0..913a429 100644
--- a/packages/api/src/routes/identity.ts
+++ b/packages/api/src/routes/identity.ts
@@ -28,7 +28,7 @@ export default async function identityRoutes(app: FastifyInstance) {
 .setCookie("echoboard_token", token, {
 path: "/",
 httpOnly: true,
- sameSite: "strict",
+ sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24 * 90,
 })
diff --git a/packages/api/src/routes/passkey.ts b/packages/api/src/routes/passkey.ts
index e9a9c30..715326a 100644
--- a/packages/api/src/routes/passkey.ts
+++ b/packages/api/src/routes/passkey.ts
@@ -274,7 +274,7 @@ export default async function passkeyRoutes(app: FastifyInstance) {
 .setCookie("echoboard_passkey", token, {
 path: "/",
 httpOnly: true,
- sameSite: "strict",
+ sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24,
 })
diff --git a/packages/api/src/routes/recovery.ts b/packages/api/src/routes/recovery.ts
index a854a0e..975b827 100644
--- a/packages/api/src/routes/recovery.ts
+++ b/packages/api/src/routes/recovery.ts
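Review bot: In packages/api/src/routes/admin/team.ts the `echoboard_admin` cookie is issued with `maxAge: 60 * 60 * 24`, while admin/auth.ts issues the same cookie with `60 * 60 * 4`; now that the cookie is also sent on cross-site navigations, the longer lifetime sets the exposure window, and the difference is undocumented. The option object is spelled out at each of the ten `setCookie` calls this patch touches, which is how the two files drifted apart. A shared base such as `const baseCookie = { path: "/", httpOnly: true, sameSite: "lax", secure: process.env.NODE_ENV === "production" } as const;` would keep the policy in one place and leave only `maxAge` at the call site. Whether the cookie lifetimes match the tokens' own expiry is not visible here, and adminTeamRoutes continues outside the hunk.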
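Review bot: In packages/api/src/routes/identity.ts the 90-day `echoboard_token` cookie keeps `secure: process.env.NODE_ENV === "production"`, so a proxied deployment that terminates TLS at the proxy but runs the API without NODE_ENV set to production issues this long-lived session cookie without the Secure attribute. Since the commit is about running behind a proxy, it would be safer to derive the flag from deployment configuration (for example a setting that states whether the public origin is HTTPS), or at least to document that NODE_ENV=production is required. The same expression appears unchanged in every other hunk of this patch. identityRoutes continues outside the hunk.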
@@ -132,7 +132,7 @@ export default async function recoveryRoutes(app: FastifyInstance) {
 .setCookie("echoboard_token", token, {
 path: "/",
 httpOnly: true,
- sameSite: "strict",
+ sameSite: "lax",
 secure: process.env.NODE_ENV === "production",
 maxAge: 60 * 60 * 24 * 90,
 })