configure cookies properly

This commit is contained in:
codl 2017-07-30 14:08:37 +02:00
parent cf286918f9
commit f3a37a11d1
No known key found for this signature in database
GPG Key ID: 6CD7C8891ED1233A
3 changed files with 6 additions and 1 deletions

1
app.py
View File

@ -10,6 +10,7 @@ default_config = {
"SQLALCHEMY_DATABASE_URI": "postgresql+psycopg2:///forget", "SQLALCHEMY_DATABASE_URI": "postgresql+psycopg2:///forget",
"SECRET_KEY": "hunter2", "SECRET_KEY": "hunter2",
"CELERY_BROKER": "amqp://", "CELERY_BROKER": "amqp://",
"HTTPS": True
} }
app.config.update(default_config) app.config.update(default_config)

View File

@ -29,6 +29,8 @@ SERVER_NAME="localhost:5000"
CELERY_BROKER='amqp://' CELERY_BROKER='amqp://'
HTTPS=True
""" """
you can also use any config variable that flask expects here, such as you can also use any config variable that flask expects here, such as
""" """

View File

@ -48,7 +48,9 @@ def twitter_login_step2():
tasks.fetch_acc.s(token.account_id).delay() tasks.fetch_acc.s(token.account_id).delay()
resp = Response(status=301, headers={"location": url_for('index')}) resp = Response(status=301, headers={"location": url_for('index')})
resp.set_cookie('forget_sid', session.id) resp.set_cookie('forget_sid', session.id,
max_age=60*60*48,
secure=app.config.get("HTTPS"))
return resp return resp
@app.route('/logout') @app.route('/logout')