diff --git a/server/routes/auth.js b/server/routes/auth.js
index 14a39bcf..2f628a02 100644
--- a/server/routes/auth.js
+++ b/server/routes/auth.js
@@ -22,7 +22,7 @@ const setAuthToken = (res, username, isAdmin) => {
 expiresIn: expirationSeconds,
 });
- res.cookie('jwt', token, {expires: new Date(cookieExpiration), httpOnly: true});
+ res.cookie('jwt', token, {expires: new Date(cookieExpiration), httpOnly: true, sameSite: 'Strict'});
 return res.json({
 success: true,
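Review bot: The `jwt` cookie set on the changed line still has no `Secure` attribute, so on a deployment reachable over plain HTTP the token travels in cleartext even with `httpOnly` and `sameSite: 'Strict'` in place. If the server is expected to run behind TLS, add `secure: true` to the options object, or gate it on a configuration value so HTTP-only installs keep working. A short comment above the call, such as `// SameSite=Strict: the browser omits the JWT on cross-site requests (CSRF mitigation)`, would record why the attribute is there. setAuthToken starts above this hunk and its body continues past it, so how `cookieExpiration` is derived cannot be checked from here.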