From f6defbf90d59427eefe8679516ca9484c89d5856 Mon Sep 17 00:00:00 2001
From: Evgenii Alekseev <i@arcanis.me>
Date: Fri, 20 Feb 2026 20:54:37 +0200
Subject: [PATCH] fix: rollback samesite option to Lax, because of broken OAuth

---
 src/ahriman/web/middlewares/auth_handler.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ahriman/web/middlewares/auth_handler.py b/src/ahriman/web/middlewares/auth_handler.py
index 44e36f14..41652f4c 100644
--- a/src/ahriman/web/middlewares/auth_handler.py
+++ b/src/ahriman/web/middlewares/auth_handler.py
@@ -154,7 +154,7 @@ def setup_auth(application: Application, configuration: Configuration, validator
         cookie_name="AHRIMAN",
         max_age=validator.max_age,
         httponly=True,
-        samesite="Strict",
+        samesite="Lax",
     )
     setup_session(application, storage)