From c6a982e702e37119071bd6b13e9ddb48f9f16599 Mon Sep 17 00:00:00 2001
From: Isaac
Date: Sun, 21 Apr 2024 02:03:56 +0100
Subject: [PATCH] fix: token samesite=secure
---
 src/routes/auth/callback.js | 11 +++++++++--
 src/routes/auth/logout.js | 2 +-
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/routes/auth/callback.js b/src/routes/auth/callback.js
index 59821ab..361a317 100644
--- a/src/routes/auth/callback.js
+++ b/src/routes/auth/callback.js
@@ -29,9 +29,16 @@ module.exports.get = () => ({
 httpOnly: true,
 maxAge: data.expires_in,
 path: '/',
- sameSite: 'Lax',
+ sameSite: 'Strict',
 secure: false,
 });
- return res.redirect(303, redirect);
+ res.header('Content-Type', 'text/html');
+ return res.send(`
+
+
+
+
+
+`);
 },
 });
diff --git a/src/routes/auth/logout.js b/src/routes/auth/logout.js
index bf5908c..6399616 100644
--- a/src/routes/auth/logout.js
+++ b/src/routes/auth/logout.js
@@ -18,7 +18,7 @@ module.exports.get = fastify => ({
 domain,
 httpOnly: true,
 path: '/',
- sameSite: 'Lax',
+ sameSite: 'Strict',
 secure: false,
 }).send('The token has been revoked.');
 },
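Review bot: `secure: false` stays unchanged next to the new `sameSite: 'Strict'`, here and in the logout.js hunk, so the token cookie can still travel over plain HTTP; SameSite does not cover that, and the subject line suggests the Secure attribute was part of the intent. Where the site is served over HTTPS this should be `secure: true,`, driven by configuration if local HTTP development has to keep working. The markup inside the `res.send` template is not visible on this page; if it interpolates `redirect`, that value should be restricted to same-origin paths and escaped for the context it lands in, since the 303 it replaces rendered no HTML. A comment above `res.header(...)` would help, for example `// HTML response instead of a 303: a Strict cookie is presumably not sent on a redirect that follows the cross-site callback navigation`. The handler starts above this hunk, so where `redirect` comes from cannot be checked here.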