samesite cookie nodejs
// Set a same-site cookie for first-party contexts
response.cookie('cookie1', 'value1', { sameSite: 'lax' });
// Set a cross-site cookie for third-party contexts
response.cookie('cookie2', 'value2', { sameSite: 'none', secure: true });