switch all cookies from sameSite strict to lax for proxy compatibility

2026-03-21 23:37:04 +02:00
parent cdb9e5d8ee
commit 320e724ac8
5 changed files with 10 additions and 10 deletions
--- a/packages/api/src/routes/admin/auth.ts
+++ b/packages/api/src/routes/admin/auth.ts
@@ -89,12 +89,12 @@ export default async function adminAuthRoutes(app: FastifyInstance) {
      reply
        .setCookie("echoboard_admin", adminToken, {
-          path: "/", httpOnly: true, sameSite: "strict",
+          path: "/", httpOnly: true, sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 4,
        })
        .setCookie("echoboard_passkey", userToken, {
-          path: "/", httpOnly: true, sameSite: "strict",
+          path: "/", httpOnly: true, sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 4,
        })
@@ -151,14 +151,14 @@ export default async function adminAuthRoutes(app: FastifyInstance) {
        .setCookie("echoboard_admin", adminToken, {
          path: "/",
          httpOnly: true,
-          sameSite: "strict",
+          sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 4,
        })
        .setCookie("echoboard_passkey", userToken, {
          path: "/",
          httpOnly: true,
-          sameSite: "strict",
+          sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 4,
        })
--- a/packages/api/src/routes/admin/team.ts
+++ b/packages/api/src/routes/admin/team.ts
@@ -338,17 +338,17 @@ export default async function adminTeamRoutes(app: FastifyInstance) {
      reply
        .setCookie("echoboard_token", sessionToken, {
-          path: "/", httpOnly: true, sameSite: "strict",
+          path: "/", httpOnly: true, sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 24 * 90,
        })
        .setCookie("echoboard_admin", adminJwt, {
-          path: "/", httpOnly: true, sameSite: "strict",
+          path: "/", httpOnly: true, sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 24,
        })
        .setCookie("echoboard_passkey", userJwt, {
-          path: "/", httpOnly: true, sameSite: "strict",
+          path: "/", httpOnly: true, sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 24,
        })
--- a/packages/api/src/routes/identity.ts
+++ b/packages/api/src/routes/identity.ts
@@ -28,7 +28,7 @@ export default async function identityRoutes(app: FastifyInstance) {
      .setCookie("echoboard_token", token, {
        path: "/",
        httpOnly: true,
-        sameSite: "strict",
+        sameSite: "lax",
        secure: process.env.NODE_ENV === "production",
        maxAge: 60 * 60 * 24 * 90,
      })
--- a/packages/api/src/routes/passkey.ts
+++ b/packages/api/src/routes/passkey.ts
@@ -274,7 +274,7 @@ export default async function passkeyRoutes(app: FastifyInstance) {
        .setCookie("echoboard_passkey", token, {
          path: "/",
          httpOnly: true,
-          sameSite: "strict",
+          sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 24,
        })
--- a/packages/api/src/routes/recovery.ts
+++ b/packages/api/src/routes/recovery.ts
@@ -132,7 +132,7 @@ export default async function recoveryRoutes(app: FastifyInstance) {
        .setCookie("echoboard_token", token, {
          path: "/",
          httpOnly: true,
-          sameSite: "strict",
+          sameSite: "lax",
          secure: process.env.NODE_ENV === "production",
          maxAge: 60 * 60 * 24 * 90,
        })