SoftwareEngineering/DualHub
4
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Set Cookies httpOnly, secure; Deployment properties

Browse Source
This commit is contained in:
Paul Martin
2023-12-01 00:01:03 +01:00
parent 8af85d1abd
commit 96a116e240
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app.py
View File

@ -174,7 +174,7 @@ def login_post():
login_user(user) login_user(user)
if user.kurs: if user.kurs:
success = make_response(redirect(url_for("welcome"))) success = make_response(redirect(url_for("welcome")))
success.set_cookie("cnsc", newcookie) success.set_cookie("cnsc", value=newcookie, httponly=True, secure=True)
return success return success
t = dualisauth.checkUser(email, password) t = dualisauth.checkUser(email, password)
@ -197,7 +197,7 @@ def login_post():
db.session.commit() db.session.commit()
login_user(new_user) login_user(new_user)
newcookie = cookie newcookie = cookie
success.set_cookie("cnsc", newcookie) success.set_cookie("cnsc", value=newcookie, httponly=True, secure=True)
return success return success
@ -210,8 +210,8 @@ def logout():
db.session.commit() db.session.commit()
logout_user() logout_user()
red = make_response(redirect(url_for("login", code=1))) red = make_response(redirect(url_for("login", code=1)))
red.set_cookie("cnsc", "Logged out! Your temporary token " red.set_cookie("cnsc", value="Logged out! Your temporary token "
"on our server and the cookie on your device have been deleted.") "on our server and the cookie on your device have been deleted.", httponly=True, secure=True)
return red return red

4
uwsgi.ini
View File

@ -4,6 +4,8 @@ manage-script-name = true
pidfile = dualhub_flask.pid pidfile = dualhub_flask.pid
master = true master = true
processes = 1 processes = 1
http-socket = :2024 http-socket = :2025
chmod-socket = 660 chmod-socket = 660
vacuum = true vacuum = true
enable-threads = true
thunder-lock = true