From bf8daa8444fc5f52236e198eb54f4150990f7386 Mon Sep 17 00:00:00 2001
From: Ivan Cvitkovic <icvitkovic@gmail.com>
Date: Tue, 31 Oct 2023 16:29:01 -0700
Subject: [PATCH] Set cookie samesite default, allow configuration by env var

---
 confidential_backend/config.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/confidential_backend/config.py b/confidential_backend/config.py
index 57731dc0..5c35998d 100644
--- a/confidential_backend/config.py
+++ b/confidential_backend/config.py
@@ -14,6 +14,7 @@
 
 SESSION_TYPE = os.getenv("SESSION_TYPE", 'redis')
 SESSION_REDIS = redis.from_url(os.getenv("SESSION_REDIS", "redis://127.0.0.1:6379"))
+SESSION_COOKIE_SAMESITE = os.getenv("SESSION_COOKIE_SAMESITE", 'None')
 
 REQUEST_CACHE_URL = os.environ.get('REQUEST_CACHE_URL', 'redis://localhost:6379/0')
 REQUEST_CACHE_EXPIRE = 24 * 60 * 60  # 24 hours