diff --git a/ref-test/app/admin/static/js/script.js b/ref-test/app/admin/static/js/script.js
index f6206a0..30c8a49 100644
--- a/ref-test/app/admin/static/js/script.js
+++ b/ref-test/app/admin/static/js/script.js
@@ -152,7 +152,7 @@ $('#dismiss-cookie-alert').click(function(event){
$.ajax({
url: '/cookies/',
- type: 'GET',
+ type: 'POST',
data: {
time: Date.now()
},
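Review bot: The request switched to `type: 'POST'` here sends only `time` in its data, and no CSRF token is visible in this hunk. main.py imports `csrf` and `CSRFError`, so Flask-WTF CSRF protection is presumably active, in which case a POST without a token is rejected unless the `/cookies/` view is exempted. The `$.ajax` call continues outside the hunk, so a header may already be set there or through `$.ajaxSetup`; if not, add something like `headers: { 'X-CSRFToken': csrfToken },` with the token taken from the rendered page. The same applies to the identical change in ref-test/app/quiz/static/js/script.js.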
diff --git a/ref-test/app/config.py b/ref-test/app/config.py
index cd987bd..3dcd48b 100644
--- a/ref-test/app/config.py
+++ b/ref-test/app/config.py
@@ -9,6 +9,7 @@ class Config(object):
DEBUG = False
TESTING = False
SECRET_KEY = os.getenv('SECRET_KEY')
+ SERVER_NAME = os.getenv('SERVER_NAME')
SESSION_COOKIE_SECURE = True
SQLALCHEMY_DATABASE_URI = f'sqlite:///{Path(DATA)}/database.db'
SQLALCHEMY_TRACK_MODIFICATIONS = False
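Review bot: The new `SERVER_NAME = os.getenv('SERVER_NAME')` has no default and no comment, so the value is `None` whenever the variable is unset and nothing here says what format is expected. `SERVER_NAME` is also a key Flask reads itself, so if this class is loaded into `app.config` it influences URL building and, depending on the Flask version, host matching, not only the cookie domain in views.py. I would document that above the line, for example `# Public host name without scheme; also consumed by Flask itself. Must be set in production.`, and fail fast at startup when it is missing.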
diff --git a/ref-test/app/quiz/static/js/script.js b/ref-test/app/quiz/static/js/script.js
index e5f0ed1..ba30892 100644
--- a/ref-test/app/quiz/static/js/script.js
+++ b/ref-test/app/quiz/static/js/script.js
@@ -68,7 +68,7 @@ $('#dismiss-cookie-alert').click(function(event){
$.ajax({
url: '/cookies/',
- type: 'GET',
+ type: 'POST',
data: {
time: Date.now()
},
diff --git a/ref-test/app/views.py b/ref-test/app/views.py
index c54fe36..e7795ea 100644
--- a/ref-test/app/views.py
+++ b/ref-test/app/views.py
@@ -5,7 +5,7 @@ from flask import Blueprint, redirect, request, render_template
from datetime import datetime, timedelta
views = Blueprint(
- name='common',
+ name='views',
import_name=__name__,
template_folder='templates',
static_folder='static'
@@ -15,7 +15,7 @@ views = Blueprint(
def _privacy():
return render_template('privacy.html')
-@views.route('/cookie_consent/')
+@views.route('/cookies/', methods=['POST'])
def _cookie_consent():
resp = redirect('/')
resp.set_cookie(
@@ -24,7 +24,7 @@ def _cookie_consent():
max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else None,
path = '/',
expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else None,
- domain = f'.{Config.SERVER_NAME}',
+ domain = f'{Config.SERVER_NAME}',
secure = True
)
return resp
\ No newline at end of file
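Review bot: Dropping the leading dot in `domain = f'{Config.SERVER_NAME}'` probably does not narrow the cookie's scope: browsers following RFC 6265 ignore a leading dot, so any explicit Domain attribute still lets subdomains receive the cookie. If host-only scope is the goal, omit `domain` from the call. The f-string also turns an unset `SERVER_NAME` into the literal string `'None'`, and a value of the `host:port` form that Flask accepts for `SERVER_NAME` is not a valid cookie domain; passing it unformatted, `domain = Config.SERVER_NAME or None,`, avoids the first problem. The `set_cookie` call starts outside this hunk, so the cookie name and any `httponly`/`samesite` arguments are not visible here.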
diff --git a/ref-test/main.py b/ref-test/main.py
index af53bd2..878455c 100644
--- a/ref-test/main.py
+++ b/ref-test/main.py
@@ -2,9 +2,10 @@ from app.models import User
from app.modules import bootstrap, csrf, db, login_manager, mail
from config import Config
-from flask import Flask
-from flask_wtf.csrf import CSRFError
+from flask import flash, Flask, request
+from flask.helpers import url_for
from flask.json import jsonify
+from flask_wtf.csrf import CSRFError
from werkzeug.middleware.proxy_fix import ProxyFix
from datetime import datetime
@@ -25,6 +26,14 @@ def create_app():
def _load_user(id):
return User.query.filter_by(id=id).first()
+ @app.before_request
+ def _check_cookie_consent():
+ if request.cookies.get('cookie_consent'):
+ return
+ if any([ request.path.startswith(x) for x in [ '/admin/static/', '/static/', '/cookies/' ] ]):
+ return
+ flash(f'Cookie Consent: This web site only stores minimal, functional cookies. It does not store any tracking information. By using this site, you consent to this use of cookies. For more information, see our privacy policy.', 'cookie_alert')
+
@app.errorhandler(404)
def _404_handler(error):
return jsonify({'error':'404 — Not Found'}), 404
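Review bot: `_check_cookie_consent` calls `flash()` on every request that lacks the cookie, including ones that never render a template. Those include the `/api` blueprint registered below, the JSON 404 handler, and possibly the quiz blueprint's static files, depending on how that blueprint is mounted. Each such request queues another copy of the message in the session, so the next rendered page can show duplicates and the session cookie grows. I would extend the skip list and use the tuple form, `if request.path.startswith(('/admin/static/', '/static/', '/api/', '/cookies/')):`, or drive the banner from a template context flag instead of `flash`. The `f` prefix on the message string can also go, since it has no placeholders. The check accepts any non-empty `cookie_consent` value, which is fine for a banner but should not be treated as proof of consent elsewhere.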
@@ -37,8 +46,8 @@ def create_app():
from app.admin.views import admin
from app.api.views import api
- from app.views import views
from app.quiz.views import quiz
+ from app.views import views
app.register_blueprint(admin, url_prefix='/admin')
app.register_blueprint(api, url_prefix='/api')