Cookie bugfix, removed 'session' string from expiry/age

This commit is contained in:
Vivek Santayana 2021-12-08 11:26:18 +00:00
parent 6e1f7c6df1
commit 5a2549ba22
2 changed files with 15 additions and 12 deletions

View File

@ -20,13 +20,14 @@ class User:
self.remember = remember self.remember = remember
def start_session(self, resp:Response): def start_session(self, resp:Response):
from main import app
resp.set_cookie( resp.set_cookie(
key = '_id', key = '_id',
value = self._id, value = self._id,
max_age = timedelta(days=14) if self.remember else 'Session', max_age = timedelta(days=14) if self.remember else None,
path = '/', path = '/',
expires = datetime.utcnow() + timedelta(days=14) if self.remember else 'Session', expires = datetime.utcnow() + timedelta(days=14) if self.remember else None,
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
if self.remember: if self.remember:
@ -36,7 +37,7 @@ class User:
max_age = timedelta(days=14), max_age = timedelta(days=14),
path = '/', path = '/',
expires = datetime.utcnow() + timedelta(days=14), expires = datetime.utcnow() + timedelta(days=14),
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
@ -79,22 +80,23 @@ class User:
def logout(self): def logout(self):
resp = make_response(redirect(url_for('admin_auth.login'))) resp = make_response(redirect(url_for('admin_auth.login')))
from main import app
resp.set_cookie( resp.set_cookie(
key = '_id', key = '_id',
value = '', value = '',
max_age = timedelta(days=-1), max_age = timedelta(days=-1),
path = '/', path = '/',
expires= datetime.utcnow() + timedelta(days=-1), expires= datetime.utcnow() + timedelta(days=-1),
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
resp.set_cookie ( resp.set_cookie (
key = 'cookie_consent', key = 'cookie_consent',
value = 'True', value = 'True',
max_age = 'Session', max_age = None,
path = '/', path = '/',
expires = 'Session', expires = None,
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
resp.set_cookie ( resp.set_cookie (
@ -103,7 +105,7 @@ class User:
max_age = timedelta(days=-1), max_age = timedelta(days=-1),
path = '/', path = '/',
expires = datetime.utcnow() + timedelta(days=-1), expires = datetime.utcnow() + timedelta(days=-1),
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
flash('You have been logged out. All cookies pertaining to your account have been deleted. Have a nice day.', 'alert') flash('You have been logged out. All cookies pertaining to your account have been deleted. Have a nice day.', 'alert')

View File

@ -7,14 +7,15 @@ cookie_consent = Blueprint(
) )
@cookie_consent.route('/') @cookie_consent.route('/')
def _cookies(): def _cookies():
from main import app
resp = redirect('/') resp = redirect('/')
resp.set_cookie( resp.set_cookie(
key = 'cookie_consent', key = 'cookie_consent',
value = 'True', value = 'True',
max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else 'Session', max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else None,
path = '/', path = '/',
expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else 'Session', expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else None,
domain = '.reftest.vsnt.uk', domain = f'.{app.config["SERVER_NAME"]}',
secure = True secure = True
) )
return resp return resp