diff --git a/src/authentic2/compat/cookies.py b/src/authentic2/compat/cookies.py
index ddb2e9226..556cfa828 100644
--- a/src/authentic2/compat/cookies.py
+++ b/src/authentic2/compat/cookies.py
@@ -21,3 +21,16 @@ if django.VERSION < (2, 1):
 from http import cookies
 cookies.Morsel._reserved.setdefault('samesite', 'SameSite')
+
+ def set_cookie(response, cookie_name, *args, **kwargs):
+ samesite = kwargs.pop('samesite', None)
+
+ response.set_cookie(cookie_name, *args, **kwargs)
+ if samesite is not None:
+ response.cookies[cookie_name]['samesite'] = samesite
+
+
+ else:
+
+ def set_cookie(response, cookie_name, *args, **kwargs):
+ response.set_cookie(cookie_name, *args, **kwargs)
diff --git a/src/authentic2_auth_oidc/views.py b/src/authentic2_auth_oidc/views.py
index b5d0c7c09..a6231aa5e 100644
--- a/src/authentic2_auth_oidc/views.py
+++ b/src/authentic2_auth_oidc/views.py
@@ -19,7 +19,6 @@ import json
 import logging
 import uuid
-import django
 import requests
 from django.conf import settings
 from django.contrib import messages
@@ -31,7 +30,7 @@ from django.utils.translation import get_language
 from django.utils.translation import ugettext as _
 from django.views.generic.base import View
-import authentic2.compat.cookies # F401
+from authentic2.compat.cookies import set_cookie
 from authentic2.decorators import setting_enabled
 from authentic2.utils import authenticate, good_next_url, login, redirect
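Review bot: The Django < 2.1 branch of `set_cookie` in compat/cookies.py writes whatever `samesite` value it is given straight into the Morsel, whereas the else branch delegates to Django's own `set_cookie`, which validates the value and raises ValueError for anything it does not recognise (2.1 accepts only 'lax'/'strict'); a misspelt value would therefore fail loudly on one Django version and be silently emitted as an unrecognised cookie attribute, i.e. no SameSite protection, on the other. Mirroring the check in the compat branch keeps both paths in step: `if samesite is not None and samesite.lower() not in ('lax', 'strict'):` followed by `raise ValueError('samesite must be "lax" or "strict".')` before the attribute is assigned. Both definitions would also benefit from a one-line docstring saying that `samesite` must be passed by keyword and that the compat branch relies on the `Morsel._reserved` entry registered just above it. The enclosing `if django.VERSION < (2, 1):` block starts outside the hunk.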
@@ -97,26 +96,15 @@ def oidc_login(request, pk, next_url=None, *args, **kwargs):
 # it to user SameSite=Lax. See
 # https://developer.mozilla.org/fr/docs/Web/HTTP/Headers/Set-Cookie/SameSite
 # for more explanations.
- if django.VERSION < (2, 1):
- response.set_cookie(
- 'oidc-state',
- value=state_id,
- path=reverse('oidc-login-callback'),
- httponly=True,
- secure=request.is_secure(),
- )
- # work around lack of samesite parameter to set_cookie() in Django 1.11
- # it also needs monkeypatch from authentic2.compat.cookies.
- response.cookies['oidc-state']['samesite'] = 'Lax'
- else:
- response.set_cookie(
- 'oidc-state',
- value=state_id,
- path=reverse('oidc-login-callback'),
- httponly=True,
- secure=request.is_secure(),
- samesite='Lax',
- )
+ set_cookie(
+ response,
+ 'oidc-state',
+ value=state_id,
+ path=reverse('oidc-login-callback'),
+ httponly=True,
+ secure=request.is_secure(),
+ samesite='Lax',
+ )
 return response