Update OAuth docs

The cookie should be ``lax`` in order to be sent to the redirect target, as the sign-in OAuth flow is cross-site.
Keep in mind that with a lax session cookie you should make some checks when receiving requests to sensitive endpoints. Easy way: save a strict cookie with the same session and check that they are the same in a middleware for your sensitive routes.
This commit is contained in:
Gonzalo
2024-06-03 18:22:56 +02:00
committed by GitHub
parent f3b90ec07f
commit ff6e7f99ca


@@ -68,7 +68,7 @@ export const GET = async ({ redirect, cookies, url }) => {
// Set the session cookie
cookies.set(SESSION_COOKIE, session.secret, {
sameSite: "strict",
sameSite: "lax",
expires: new Date(session.expire),
secure: true,
httpOnly: true,
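Review bot: the hunk changes `sameSite` from `"strict"` to `"lax"` in the docs but gives the reader no reason and no compensating control; the justification (the OAuth callback is a cross-site top-level redirect, so a Strict cookie would not be sent) and the mitigation (a Strict companion cookie checked in middleware for sensitive routes, as the commit message describes) only appear in the commit message, not in the documentation being changed. Suggest extending the `// Set the session cookie` context comment, or adding a sentence next to the snippet, so the docs state why Lax is required here and that state-changing endpoints should verify a SameSite=Strict companion cookie before trusting the Lax session cookie alone.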