From 3bdeab46f1e16a8a97a7c83957083cb5e59d8117 Mon Sep 17 00:00:00 2001
From: Aleksandr Fenin <madhamst3r@gmail.com>
Date: Fri, 19 Sep 2025 16:53:42 +0300
Subject: [PATCH] security/http-only-cookies: fix SameSite cookie settings for
 localhost development

---
 internal/http/auth_handlers.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/http/auth_handlers.go b/internal/http/auth_handlers.go
index 6fe04ad..c2ab7ee 100644
--- a/internal/http/auth_handlers.go
+++ b/internal/http/auth_handlers.go
@@ -28,7 +28,7 @@ func NewAuthHandlers(authService services.AuthService, logger *logger.Logger, cf
 }
 
 func (h *AuthHandlers) getCookieSettings() (secure bool, sameSite http.SameSite) {
-	return false, http.SameSiteNoneMode
+	return false, http.SameSiteDefaultMode
 }
 
 func (h *AuthHandlers) setSecureCookie(w http.ResponseWriter, name, value string, maxAge int) {