From 5a2549ba2250766548b7226727041dc81ca80cfe Mon Sep 17 00:00:00 2001
From: viveksantayana <me@viveksantayana.co.uk>
Date: Wed, 8 Dec 2021 11:26:18 +0000
Subject: [PATCH] Cookie bugfix, removed 'session' string from expiry/age

---
 ref-test/admin/models/users.py | 20 +++++++++++---------
 ref-test/common/blueprints.py  |  7 ++++---
 2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/ref-test/admin/models/users.py b/ref-test/admin/models/users.py
index b2f62df..71c9da1 100644
--- a/ref-test/admin/models/users.py
+++ b/ref-test/admin/models/users.py
@@ -20,13 +20,14 @@ class User:
         self.remember = remember
 
     def start_session(self, resp:Response):
+        from main import app
         resp.set_cookie(
             key = '_id',
             value = self._id,
-            max_age = timedelta(days=14) if self.remember else 'Session',
+            max_age = timedelta(days=14) if self.remember else None,
             path = '/',
-            expires = datetime.utcnow() + timedelta(days=14) if self.remember else 'Session',
-            domain = '.reftest.vsnt.uk',
+            expires = datetime.utcnow() + timedelta(days=14) if self.remember else None,
+            domain = f'.{app.config["SERVER_NAME"]}',
             secure = True
         )
         if self.remember:
@@ -36,7 +37,7 @@ class User:
                 max_age = timedelta(days=14),
                 path = '/',
                 expires = datetime.utcnow() + timedelta(days=14),
-                domain = '.reftest.vsnt.uk',
+                domain = f'.{app.config["SERVER_NAME"]}',
                 secure = True
             )
 
@@ -79,22 +80,23 @@ class User:
 
     def logout(self):
         resp = make_response(redirect(url_for('admin_auth.login')))
+        from main import app
         resp.set_cookie(
             key = '_id',
             value = '',
             max_age = timedelta(days=-1),
             path = '/',
             expires= datetime.utcnow() + timedelta(days=-1),
-            domain = '.reftest.vsnt.uk',
+            domain = f'.{app.config["SERVER_NAME"]}',
             secure = True
         )
         resp.set_cookie (
             key = 'cookie_consent',
             value = 'True',
-            max_age = 'Session',
+            max_age = None,
             path = '/',
-            expires = 'Session',
-            domain = '.reftest.vsnt.uk',
+            expires = None,
+            domain = f'.{app.config["SERVER_NAME"]}',
             secure = True
         )
         resp.set_cookie (
@@ -103,7 +105,7 @@ class User:
             max_age = timedelta(days=-1),
             path = '/',
             expires = datetime.utcnow() + timedelta(days=-1),
-            domain = '.reftest.vsnt.uk',
+            domain = f'.{app.config["SERVER_NAME"]}',
             secure = True
         )
         flash('You have been logged out. All cookies pertaining to your account have been deleted. Have a nice day.', 'alert')
diff --git a/ref-test/common/blueprints.py b/ref-test/common/blueprints.py
index 4500c2a..39f0e9c 100644
--- a/ref-test/common/blueprints.py
+++ b/ref-test/common/blueprints.py
@@ -7,14 +7,15 @@ cookie_consent = Blueprint(
 )
 @cookie_consent.route('/')
 def _cookies():
+    from main import app
     resp = redirect('/')
     resp.set_cookie(
         key = 'cookie_consent',
         value = 'True',
-        max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else 'Session',
+        max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else None,
         path = '/',
-        expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else 'Session',
-        domain = '.reftest.vsnt.uk',
+        expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else None,
+        domain = f'.{app.config["SERVER_NAME"]}',
         secure = True
     )
     return resp
\ No newline at end of file