Added cookie consent

2022-06-16 13:22:06 +01:00 · 2022-06-16 13:22:06 +01:00 · 5c8435d39e
commit 5c8435d39e
parent e4e07c43b4
5 changed files with 18 additions and 8 deletions
--- a/ref-test/app/admin/static/js/script.js
+++ b/ref-test/app/admin/static/js/script.js
@ -152,7 +152,7 @@ $('#dismiss-cookie-alert').click(function(event){
    $.ajax({
        url: '/cookies/',
-        type: 'GET',
+        type: 'POST',
        data: {
            time: Date.now()
        },
--- a/ref-test/app/config.py
+++ b/ref-test/app/config.py
@ -9,6 +9,7 @@ class Config(object):
    DEBUG = False
    TESTING = False
    SECRET_KEY = os.getenv('SECRET_KEY')
    SERVER_NAME = os.getenv('SERVER_NAME')
    SESSION_COOKIE_SECURE = True
    SQLALCHEMY_DATABASE_URI = f'sqlite:///{Path(DATA)}/database.db'
    SQLALCHEMY_TRACK_MODIFICATIONS = False
--- a/ref-test/app/quiz/static/js/script.js
+++ b/ref-test/app/quiz/static/js/script.js
@ -68,7 +68,7 @@ $('#dismiss-cookie-alert').click(function(event){
    $.ajax({
        url: '/cookies/',
-        type: 'GET',
+        type: 'POST',
        data: {
            time: Date.now()
        },
--- a/ref-test/app/views.py
+++ b/ref-test/app/views.py
@ -5,7 +5,7 @@ from flask import Blueprint, redirect, request, render_template
 from datetime import datetime, timedelta
 views = Blueprint(
-    name='common',
+    name='views',
    import_name=__name__,
    template_folder='templates',
    static_folder='static'
@ -15,7 +15,7 @@ views = Blueprint(
 def _privacy():
    return render_template('privacy.html')
-@views.route('/cookie_consent/')
+@views.route('/cookies/', methods=['POST'])
 def _cookie_consent():
    resp = redirect('/')
    resp.set_cookie(
@ -24,7 +24,7 @@ def _cookie_consent():
        max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else None,
        path = '/',
        expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else None,
-        domain = f'.{Config.SERVER_NAME}',
+        domain = f'{Config.SERVER_NAME}',
        secure = True
    )
    return resp
--- a/ref-test/main.py
+++ b/ref-test/main.py
@ -2,9 +2,10 @@ from app.models import User
 from app.modules import bootstrap, csrf, db, login_manager, mail
 from config import Config
-from flask import Flask
+from flask import flash, Flask, request
-from flask_wtf.csrf import CSRFError
+from flask.helpers import url_for
 from flask.json import jsonify
 from flask_wtf.csrf import CSRFError
 from werkzeug.middleware.proxy_fix import ProxyFix
 from datetime import datetime
@ -25,6 +26,14 @@ def create_app():
    def _load_user(id):
        return User.query.filter_by(id=id).first()
    @app.before_request
    def _check_cookie_consent():
        if request.cookies.get('cookie_consent'):
            return
        if any([ request.path.startswith(x) for x in [ '/admin/static/', '/static/', '/cookies/' ] ]):
            return
        flash(f'<strong>Cookie Consent</strong>: This web site only stores minimal, functional cookies. It does not store any tracking information. By using this site, you consent to this use of cookies. For more information, see our <a href="{url_for("views._privacy")}">privacy policy</a>.', 'cookie_alert')
    @app.errorhandler(404)
    def _404_handler(error):
        return jsonify({'error':'404 &mdash; Not Found'}), 404
@ -37,8 +46,8 @@ def create_app():
    from app.admin.views import admin
    from app.api.views import api
    from app.views import views
    from app.quiz.views import quiz
    from app.views import views
    app.register_blueprint(admin, url_prefix='/admin')
    app.register_blueprint(api, url_prefix='/api')