chore: fix cookie attrs

api/v2/auth_service.go

@@ -165,7 +165,7 @@ func (s *APIV2Service) doSignIn(ctx context.Context, user *store.User, expireTim
 		cookieExpires = time.Now().AddDate(100, 0, 0)
 	}
 	if err := grpc.SetHeader(ctx, metadata.New(map[string]string{
-		"Set-Cookie": fmt.Sprintf("%s=%s; Path=/; Expires=%s; HttpOnly; SameSite=None", auth.AccessTokenCookieName, accessToken, cookieExpires.Format(time.RFC1123)),
+		"Set-Cookie": fmt.Sprintf("%s=%s; Path=/; Expires=%s; HttpOnly; SameSite=Strict", auth.AccessTokenCookieName, accessToken, cookieExpires.Format(time.RFC1123)),
 	})); err != nil {
 		return status.Errorf(codes.Internal, "failed to set grpc header, error: %v", err)
 	}
@@ -231,7 +231,7 @@ func (*APIV2Service) SignOut(ctx context.Context, _ *apiv2pb.SignOutRequest) (*a
 
 func clearAccessTokenCookie(ctx context.Context) error {
 	if err := grpc.SetHeader(ctx, metadata.New(map[string]string{
-		"Set-Cookie": fmt.Sprintf("%s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=None", auth.AccessTokenCookieName),
+		"Set-Cookie": fmt.Sprintf("%s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; SameSite=Strict", auth.AccessTokenCookieName),
 	})); err != nil {
 		return errors.Wrap(err, "failed to set grpc header")
 	}