fix(session): 将sameSite策略更改为strict以增强安全性

- 将session配置中的sameSite属性从lax更改为strict
- 提高了跨站请求伪造(CSRF)防护力度
- 参考了相关安全最佳实践链接

src/middlewares/Session/index.js

@@ -9,7 +9,7 @@ export default (app) => {
     rolling: false,
     renew: false,
     secure: process.env.NODE_ENV === "production" && process.env.HTTPS_ENABLE === "on",
-    sameSite: "lax", // https://scotthelme.co.uk/csrf-is-dead/
+    sameSite: "strict", // https://scotthelme.co.uk/csrf-is-dead/
   };
   return session(CONFIG, app);
 };