From 96deeca6a4ad382d972e3280ef3eeadf3a76ba24 Mon Sep 17 00:00:00 2001
From: Jesse Brault <jbrault@mac.com>
Date: Wed, 7 Aug 2024 08:42:03 -0500
Subject: [PATCH] Tweaked refresh-token cookie's path and sameSite attributes.

---
 src/main/java/app/mealsmadeeasy/api/auth/AuthController.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java b/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
index f002e10..3c7dcc4 100644
--- a/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
+++ b/src/main/java/app/mealsmadeeasy/api/auth/AuthController.java
@@ -15,8 +15,8 @@ public final class AuthController {
         final ResponseCookie.ResponseCookieBuilder b = ResponseCookie.from("refresh-token")
                 .httpOnly(true)
                 .secure(true)
-                .sameSite("Lax")
-                .maxAge(maxAge);
+                .maxAge(maxAge)
+                .path("/");
         if (token != null) {
             b.value(token);
         }