When i use login route of my backend server, I get user information in response body, and Set-Cookie header is available, which contains JWT. However browser doesn't save that data to cookies. This is my login handler in backend:

func (s *AuthHandler) Login(c *gin.Context) {
    var request domain.LoginRequest
    if err := c.ShouldBindJSON(&request); err != nil {
        c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"})
        return
    }

    token, err := s.authUseCase.Login(&request)
    if err != nil {
        c.JSON(http.StatusInternalServerError, gin.H{"error": "Internal server error"})
        return
    }

    user, err = s.authUseCase.GetUserByUsername(request.Username)
    if err != nil {
        c.JSON(http.StatusInternalServerError, gin.H{"error": "Internal server error"})
        return
    }

    c.SetCookie("auth_token", token, 24*60*60, "/", "", false, true)
    c.JSON(http.StatusOK, gin.H{
        "message": "Login successful",
        "user": gin.H{
            "id":         user.ID,
            "username":   user.Username,
            "email":      user.Email,
        },
    })
}

my CORS config is as such:

    config := cors.Config{
        AllowOrigins:     []string{"http://localhost:5173"},
        AllowMethods:     []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
        AllowHeaders:     []string{"Origin", "Content-Type", "Accept", "Authorization", "Access-Control-Allow-Credentials"},
        AllowCredentials: true,
        ExposeHeaders:    []string{"Set-Cookie"},
    }

After sending request to login endpoint with credentials, I get a response with following headers:

The problem is that my browser doesn't save the cookie. I spent a good amount of time researching the issue, but can't quite solve it.