On my website, I'm using a http only cookie to do the authentification. It works perfectly in all browser, except Safari. Whenever the app close and reopen, it changes the cookie value to new_value.
Here's how the cookie is setup using the response object from express:
response.cookie('authToken', authToken, {
expires: date, // date 5 days from now
sameSite: 'strict',
httpOnly: true,
secure: true
});
