Cookie bugfix, removed 'session' string from expiry/age

2021-12-08 11:26:18 +00:00 · 2021-12-08 11:26:18 +00:00 · 5a2549ba22
commit 5a2549ba22
parent 6e1f7c6df1
2 changed files with 15 additions and 12 deletions
--- a/ref-test/admin/models/users.py
+++ b/ref-test/admin/models/users.py
@ -20,13 +20,14 @@ class User:
        self.remember = remember

    def start_session(self, resp:Response):
+        from main import app
        resp.set_cookie(
            key = '_id',
            value = self._id,
-            max_age = timedelta(days=14) if self.remember else 'Session',
+            max_age = timedelta(days=14) if self.remember else None,
            path = '/',
-            expires = datetime.utcnow() + timedelta(days=14) if self.remember else 'Session',
-            domain = '.reftest.vsnt.uk',
+            expires = datetime.utcnow() + timedelta(days=14) if self.remember else None,
+            domain = f'.{app.config["SERVER_NAME"]}',
            secure = True
        )
        if self.remember:
@ -36,7 +37,7 @@ class User:
                max_age = timedelta(days=14),
                path = '/',
                expires = datetime.utcnow() + timedelta(days=14),
-                domain = '.reftest.vsnt.uk',
+                domain = f'.{app.config["SERVER_NAME"]}',
                secure = True
            )

@ -79,22 +80,23 @@ class User:

    def logout(self):
        resp = make_response(redirect(url_for('admin_auth.login')))
+        from main import app
        resp.set_cookie(
            key = '_id',
            value = '',
            max_age = timedelta(days=-1),
            path = '/',
            expires= datetime.utcnow() + timedelta(days=-1),
-            domain = '.reftest.vsnt.uk',
+            domain = f'.{app.config["SERVER_NAME"]}',
            secure = True
        )
        resp.set_cookie (
            key = 'cookie_consent',
            value = 'True',
-            max_age = 'Session',
+            max_age = None,
            path = '/',
-            expires = 'Session',
-            domain = '.reftest.vsnt.uk',
+            expires = None,
+            domain = f'.{app.config["SERVER_NAME"]}',
            secure = True
        )
        resp.set_cookie (
@ -103,7 +105,7 @@ class User:
            max_age = timedelta(days=-1),
            path = '/',
            expires = datetime.utcnow() + timedelta(days=-1),
-            domain = '.reftest.vsnt.uk',
+            domain = f'.{app.config["SERVER_NAME"]}',
            secure = True
        )
        flash('You have been logged out. All cookies pertaining to your account have been deleted. Have a nice day.', 'alert')
--- a/ref-test/common/blueprints.py
+++ b/ref-test/common/blueprints.py
@ -7,14 +7,15 @@ cookie_consent = Blueprint(
 )
@cookie_consent.route('/')
 def _cookies():
+    from main import app
    resp = redirect('/')
    resp.set_cookie(
        key = 'cookie_consent',
        value = 'True',
-        max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else 'Session',
+        max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else None,
        path = '/',
-        expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else 'Session',
-        domain = '.reftest.vsnt.uk',
+        expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else None,
+        domain = f'.{app.config["SERVER_NAME"]}',
        secure = True
    )
    return resp