Merge pull request #3296 from manyfold3d/fix-redirection-after-links

Use SameSite=Lax cookies to allow auto-login after linking

config/initializers/devise.rb

@@ -175,7 +175,7 @@
   # Options to be passed to the created cookie. For instance, you can set
   # secure: true in order to force SSL only cookies.
   config.rememberable_options = {
-    same_site: :strict,
+    same_site: :lax,
     secure: Rails.application.config.force_ssl
   }
 

config/initializers/session_storage.rb

@@ -1,5 +1,5 @@
 Rails.application.config.session_store :cookie_store,
   expire_after: 14.days,
   key: "_manyfold_session",
-  same_site: :strict,
+  same_site: :lax,
   secure: Rails.application.config.force_ssl