configure cookies properly

2017-07-30 14:08:37 +02:00 · 2017-07-30 14:08:37 +02:00 · f3a37a11d1
parent cf286918f9
commit f3a37a11d1
3 changed files with 6 additions and 1 deletions
--- a/app.py
+++ b/app.py
@ -10,6 +10,7 @@ default_config = {
        "SQLALCHEMY_DATABASE_URI": "postgresql+psycopg2:///forget",
        "SECRET_KEY": "hunter2",
        "CELERY_BROKER": "amqp://",
+        "HTTPS": True
 }

 app.config.update(default_config)
--- a/config.example.py
+++ b/config.example.py
@ -29,6 +29,8 @@ SERVER_NAME="localhost:5000"

 CELERY_BROKER='amqp://'

+HTTPS=True
+
 """
 you can also use any config variable that flask expects here, such as
 """
--- a/routes.py
+++ b/routes.py
@ -48,7 +48,9 @@ def twitter_login_step2():
    tasks.fetch_acc.s(token.account_id).delay()

    resp = Response(status=301, headers={"location": url_for('index')})
-    resp.set_cookie('forget_sid', session.id)
+    resp.set_cookie('forget_sid', session.id,
+        max_age=60*60*48,
+        secure=app.config.get("HTTPS"))
    return resp

@app.route('/logout')