From fd21b41755b0f8c5ad157cae5e3ced24d26621b1 Mon Sep 17 00:00:00 2001
From: Dan G <freemvmt@posteo.net>
Date: Thu, 31 Oct 2024 17:09:23 +0000
Subject: [PATCH] test lax JWT cookie

---
 api.planx.uk/modules/auth/controller.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api.planx.uk/modules/auth/controller.ts b/api.planx.uk/modules/auth/controller.ts
index c87c4e6ca7..8aa69b6d2f 100644
--- a/api.planx.uk/modules/auth/controller.ts
+++ b/api.planx.uk/modules/auth/controller.ts
@@ -40,7 +40,7 @@ function setJWTCookie(returnTo: string, res: Response, req: Request) {
       new Date().setFullYear(new Date().getFullYear() + 1),
     ).getTime(),
     // the JWT/auth cookies should be sent only between the API server and editor
-    sameSite: "strict",
+    sameSite: "lax",
     secure: true,
   };