From c0dc2fdcb92b6eefba22618b8129ec70398140db Mon Sep 17 00:00:00 2001
From: john <me@johnmorr.is>
Date: Mon, 26 May 2025 22:06:49 +0200
Subject: [PATCH] update session stuff

---
 Femto.Api/Auth/CookieSettings.cs                   | 1 +
 Femto.Api/Properties/launchSettings.json           | 2 +-
 Femto.Api/Sessions/HttpContextSessionExtensions.cs | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/Femto.Api/Auth/CookieSettings.cs b/Femto.Api/Auth/CookieSettings.cs
index fedfd27..a98a5cb 100644
--- a/Femto.Api/Auth/CookieSettings.cs
+++ b/Femto.Api/Auth/CookieSettings.cs
@@ -2,6 +2,7 @@ namespace Femto.Api.Auth;
 
 public class CookieSettings
 {
+    public SameSiteMode SameSite { get; set; }
     public bool Secure { get; set; }
     public string? Domain { get; set; }
 }
\ No newline at end of file
diff --git a/Femto.Api/Properties/launchSettings.json b/Femto.Api/Properties/launchSettings.json
index 237dc27..9a9026a 100644
--- a/Femto.Api/Properties/launchSettings.json
+++ b/Femto.Api/Properties/launchSettings.json
@@ -14,7 +14,7 @@
       "commandName": "Project",
       "dotnetRunMessages": true,
       "launchBrowser": false,
-      "applicationUrl": "https://0.0.0.0:7269;http://0.0.0.0:5181",
+      "applicationUrl": "https://stinkpad:7269;http://0.0.0.0:5181",
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development"
       }
diff --git a/Femto.Api/Sessions/HttpContextSessionExtensions.cs b/Femto.Api/Sessions/HttpContextSessionExtensions.cs
index f8f93b9..f5e5d25 100644
--- a/Femto.Api/Sessions/HttpContextSessionExtensions.cs
+++ b/Femto.Api/Sessions/HttpContextSessionExtensions.cs
@@ -13,7 +13,7 @@ internal static class HttpContextSessionExtensions
         var cookieSettings = httpContext.RequestServices.GetService<IOptions<CookieSettings>>();
         
         var secure = cookieSettings?.Value.Secure ?? true;
-        var sameSite = secure ? SameSiteMode.None : SameSiteMode.Unspecified;
+        var sameSite = cookieSettings?.Value.SameSite ?? SameSiteMode.Strict;
         var domain = cookieSettings?.Value.Domain;
         var expires = session.Expires;