Revert "Sets Token Cookie To Same Site To Lax"

This reverts commit 013ea900 Signed-off-by: Hassan Abouelela <[email protected]>
author: Hassan Abouelela <[email protected]> 2021-03-06 23:32:21 +0300
committer: Hassan Abouelela <[email protected]> 2021-03-06 23:32:21 +0300
commit: b2ad14a87ab715eb403be68722914ed1c6b51d91 (patch)
tree: 2e409cac18da2f976b5593065a185cec01e90c85
parent: Sets Token Cookie To Same Site To Lax (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/backend/routes/auth/authorize.py b/backend/routes/auth/authorize.py
index e00aef2..26d8622 100644
--- a/backend/routes/auth/authorize.py
+++ b/backend/routes/auth/authorize.py
@@ -63,7 +63,7 @@ async def process_token(bearer_token: dict) -> Union[AuthorizeResponse, AUTH_FAI
 
     response.set_cookie(
         "token", f"JWT {token}",
-        secure=constants.PRODUCTION, httponly=True, samesite="lax",
+        secure=constants.PRODUCTION, httponly=True, samesite="strict",
         max_age=bearer_token["expires_in"]
     )
     return response
diff --git a/backend/routes/forms/submit.py b/backend/routes/forms/submit.py
index 8803b7c..8680b2d 100644
--- a/backend/routes/forms/submit.py
+++ b/backend/routes/forms/submit.py
@@ -76,7 +76,7 @@ class SubmitForm(Route):
 
                     response.set_cookie(
                         "token", f"JWT {request.user.token}",
-                        secure=constants.PRODUCTION, httponly=True, samesite="lax",
+                        secure=constants.PRODUCTION, httponly=True, samesite="strict",
                         max_age=(expiry - datetime.datetime.now()).seconds
                     )
author	Hassan Abouelela <[email protected]>	2021-03-06 23:32:21 +0300
committer	Hassan Abouelela <[email protected]>	2021-03-06 23:32:21 +0300
commit	b2ad14a87ab715eb403be68722914ed1c6b51d91 (patch)
tree	2e409cac18da2f976b5593065a185cec01e90c85
parent	Sets Token Cookie To Same Site To Lax (diff)