Add sameSite attribute to cookies

auth.go

@@ -26,6 +26,7 @@ func logout(w http.ResponseWriter, ps httprouter.Params, body []byte) HTTPRespon
 		Expires:  time.Unix(0, 0),
 		Secure:   true,
 		HttpOnly: true,
+		SameSite: http.SameSiteStrictMode,
 	})
 
 	return APIResponse{true}
@@ -58,8 +59,9 @@ func completeAuth(w http.ResponseWriter, username string, email string, firstnam
 		Value:    base64.StdEncoding.EncodeToString(session.Id),
 		Path:     baseURL + "/",
 		Expires:  time.Now().Add(30 * 24 * time.Hour),
-		//Secure: true,
+		Secure:   true,
 		HttpOnly: true,
+		SameSite: http.SameSiteStrictMode,
 	})
 
 	return nil