From 2713b3640f12909cb68160618aa89db3f4efa57e Mon Sep 17 00:00:00 2001
From: Sean Morley
Date: Sun, 16 Feb 2025 15:35:10 -0500
Subject: [PATCH] feat: Set SESSION_COOKIE_SAMESITE to 'Lax' for improved security
---
 backend/server/main/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/backend/server/main/settings.py b/backend/server/main/settings.py
index cf3d3ba..71ae052 100644
--- a/backend/server/main/settings.py
+++ b/backend/server/main/settings.py
@@ -131,7 +131,7 @@ USE_TZ = True
 unParsedFrontenedUrl = getenv('FRONTEND_URL', 'http://localhost:3000')
 FRONTEND_URL = unParsedFrontenedUrl.translate(str.maketrans('', '', '\'"'))
-SESSION_COOKIE_SAMESITE = None
+SESSION_COOKIE_SAMESITE = 'Lax'
 SESSION_COOKIE_SECURE = FRONTEND_URL.startswith('https')
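Review bot: The new `SESSION_COOKIE_SAMESITE = 'Lax'` line has no comment stating the deployment assumption it introduces. With Lax the browser withholds the session cookie on cross-site fetch/XHR requests, so authenticated API calls only work when FRONTEND_URL and the backend are same-site. I would add a comment above it such as `# 'Lax': cookie is not sent on cross-site subrequests; frontend and backend must be same-site`. Lax still sends the cookie on top-level GET navigations, so it complements Django's CSRF middleware rather than replacing it, and any CSRF_COOKIE_SAMESITE setting elsewhere in settings.py (not visible in this hunk) should be checked for consistency. The context line after it derives SESSION_COOKIE_SECURE from the FRONTEND_URL scheme, so a deployment whose FRONTEND_URL value is http while the backend is served over https would issue the session cookie without the Secure flag; that is worth a comment too.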