Set SameSite to strict on the session cookie

lib/session.go

@@ -10,7 +10,12 @@ import (
 	"gitlab.com/trantor/trantor/lib/database"
 )
 
-var sesStore = sessions.NewCookieStore([]byte(os.Getenv("SESSION_KEY")))
+var sesStore *sessions.CookieStore
+
+func init() {
+	sesStore = sessions.NewCookieStore([]byte(os.Getenv("SESSION_KEY")))
+	sesStore.Options.SameSite = http.SameSiteStrictMode
+}
 
 type Notification struct {
 	Title string