From b08ba5eef26e0898f344433b39c699ca49c2df71 Mon Sep 17 00:00:00 2001
From: Brian Evans <ebrian101@gmail.com>
Date: Fri, 18 Oct 2024 21:36:15 +0100
Subject: [PATCH] Fix session cookie not being set in HTTPS

Signed-off-by: Brian Evans <ebrian101@gmail.com>
---
 server/index.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/server/index.ts b/server/index.ts
index e04f4e8..83037fb 100644
--- a/server/index.ts
+++ b/server/index.ts
@@ -6,7 +6,7 @@ import {serverLogTransport} from '../backend-shared/loggers.js'
 import RedisStore from 'connect-redis'
 const port = parseInt(process.env.PORT??'4004')
 
-const fastify = Fastify({logger: {stream: serverLogTransport, level: 'trace'}})
+const fastify = Fastify({logger: {stream: serverLogTransport, level: 'trace'}, trustProxy: true})
 
 //register any third party plugins here
 {
@@ -15,7 +15,8 @@ const fastify = Fastify({logger: {stream: serverLogTransport, level: 'trace'}})
     secret: getEnv('SESSION_SECRET'),
     cookie: {
       secure: getEnv('SITE_ADDRESS').startsWith('https'),
-      maxAge: 86400_000*30
+      maxAge: 86400_000*30,
+      sameSite: 'lax'
     },
     saveUninitialized: false,
     // set store to Redis so that sessions are persisted after server restarts