From d4f59769c61608298b915046ce90fbd5dab9e90e Mon Sep 17 00:00:00 2001
From: Vivek Santayana
Date: Mon, 6 Dec 2021 21:51:29 +0000
Subject: [PATCH] OG and Cookie settings
---
 ref-test/admin/models/users.py | 20 ++++++++++++++-----
 ref-test/common/blueprints.py | 4 +++-
 ref-test/main.py | 3 +++
 .../templates/quiz/components/og-meta.html | 6 +++---
 4 files changed, 24 insertions(+), 9 deletions(-)
diff --git a/ref-test/admin/models/users.py b/ref-test/admin/models/users.py
index ee1df9d..b2f62df 100644
--- a/ref-test/admin/models/users.py
+++ b/ref-test/admin/models/users.py
@@ -25,7 +25,9 @@ class User:
 value = self._id,
 max_age = timedelta(days=14) if self.remember else 'Session',
 path = '/',
- expires = datetime.utcnow() + timedelta(days=14) if self.remember else 'Session'
+ expires = datetime.utcnow() + timedelta(days=14) if self.remember else 'Session',
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 if self.remember:
 resp.set_cookie (
@@ -33,7 +35,9 @@ class User:
 value = 'True',
 max_age = timedelta(days=14),
 path = '/',
- expires = datetime.utcnow() + timedelta(days=14)
+ expires = datetime.utcnow() + timedelta(days=14),
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 def register(self):
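Review bot: The `set_cookie` call in `ref-test/admin/models/users.py` whose value is `self._id` gains `secure = True` but still sets neither `httponly` nor `samesite`, so the identifier remains readable from page script and its cross-site behaviour is left to the browser default. If this cookie is what identifies the signed-in user, add `httponly = True,` and `samesite = 'Lax',` next to the new `secure = True`. The literal `'.reftest.vsnt.uk'` is also repeated in every call this patch touches (the `remember` cookie in the next hunk, the three logout cookies at `@@ -80,21`, and `_cookies()` in `common/blueprints.py`); reading it from one configuration value would keep the set and delete paths in step and let a plain-HTTP development host opt out of `secure`. Setting `domain` makes each cookie available to every subdomain of that name, which deserves a comment if it is deliberate. The enclosing method starts above the hunk, so the cookie's key is not visible here.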
@@ -80,21 +84,27 @@ class User:
 value = '',
 max_age = timedelta(days=-1),
 path = '/',
- expires= datetime.utcnow() + timedelta(days=-1)
+ expires= datetime.utcnow() + timedelta(days=-1),
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 resp.set_cookie (
 key = 'cookie_consent',
 value = 'True',
 max_age = 'Session',
 path = '/',
- expires = 'Session'
+ expires = 'Session',
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 resp.set_cookie (
 key = 'remember',
 value = 'True',
 max_age = timedelta(days=-1),
 path = '/',
- expires = datetime.utcnow() + timedelta(days=-1)
+ expires = datetime.utcnow() + timedelta(days=-1),
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 flash('You have been logged out. All cookies pertaining to your account have been deleted. Have a nice day.', 'alert')
 return resp
diff --git a/ref-test/common/blueprints.py b/ref-test/common/blueprints.py
index d15e272..4500c2a 100644
--- a/ref-test/common/blueprints.py
+++ b/ref-test/common/blueprints.py
@@ -13,6 +13,8 @@ def _cookies():
 value = 'True',
 max_age = timedelta(days=14) if request.cookies.get('remember') == 'True' else 'Session',
 path = '/',
- expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else 'Session'
+ expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') else 'Session',
+ domain = '.reftest.vsnt.uk',
+ secure = True
 )
 return resp
\ No newline at end of file
diff --git a/ref-test/main.py b/ref-test/main.py
index 9729e0a..c1f0efe 100644
--- a/ref-test/main.py
+++ b/ref-test/main.py
@@ -8,6 +8,7 @@ from pymongo import MongoClient
 from pymongo.errors import ConnectionFailure
 from flask_wtf.csrf import CSRFProtect, CSRFError
 from flask_mail import Mail
+from werkzeug.middleware.proxy_fix import ProxyFix
 from common.security import check_keyfile_exists, generate_keyfile
 import config
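Review bot: Logout in `users.py` (`@@ -80,21`) may no longer clear cookies issued before this commit, because the three expiring `set_cookie` calls now carry `domain = '.reftest.vsnt.uk'` and current browsers store a host-only cookie separately from a domain-scoped one of the same name. A browser holding the older host-only cookies would then keep them after the "logged out" flash, and could send both variants on later requests. For a transition period, also expire the host-only variant of each key cleared here, e.g. `resp.delete_cookie('remember', path = '/')` alongside the domain-scoped call. The first call's key and the method header lie above the hunk.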
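Review bot: In `_cookies()` (`common/blueprints.py`) the rewritten `expires` line still tests `request.cookies.get('remember')` for truthiness while `max_age` on the line above requires `== 'True'`, so the two attributes disagree for any other non-empty value of that client-supplied cookie (a 14-day `Expires` next to a `'Session'` `Max-Age`). Since the line is being touched anyway, use the same comparison on both: `expires = datetime.utcnow() + timedelta(days=14) if request.cookies.get('remember') == 'True' else 'Session',`. The function's opening lines, including the cookie key, are above the hunk.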
@@ -70,6 +71,8 @@ def create_app(): Bootstrap(app) csrf = CSRFProtect(app) + app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1) + return app app = create_app()
diff --git a/ref-test/quiz/templates/quiz/components/og-meta.html b/ref-test/quiz/templates/quiz/components/og-meta.html
index ef31c74..5c63bca 100644
--- a/ref-test/quiz/templates/quiz/components/og-meta.html
+++ b/ref-test/quiz/templates/quiz/components/og-meta.html
@@ -2,12 +2,12 @@ - + - - + +
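Review bot: `ProxyFix(app.wsgi_app, x_proto=1, x_host=1)` in `create_app()` (`ref-test/main.py`) makes the app trust `X-Forwarded-Proto` and `X-Forwarded-Host` from one hop (and `X-Forwarded-For`, whose default of one hop is left in place), yet nothing beside the call records the deployment assumption that makes this safe. If the WSGI server can be reached without passing through the proxy, or the proxy forwards these headers instead of overwriting them, a client can choose the scheme and host the app sees, which affects externally generated URLs and secure-request checks. I would add a comment above the line such as `# Trust X-Forwarded-* from exactly one reverse proxy; the proxy must overwrite them and the app must not be reachable directly.` The body of `create_app()` begins above the hunk.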