0001-middleware-set-a-variable-value-in-the-A2_OPENED_SES.patch
src/authentic2/middleware.py | ||
---|---|---|
15 | 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | 16 | |
17 | 17 |
import time |
18 |
import uuid |
|
18 | 19 | |
19 | 20 |
try: |
20 | 21 |
import threading |
... | ... | |
69 | 70 |
domain = app_settings.A2_OPENED_SESSION_COOKIE_DOMAIN |
70 | 71 | |
71 | 72 |
if enabled and hasattr(request, 'user') and request.user.is_authenticated: |
72 |
response.set_cookie( |
|
73 |
name, |
|
74 |
value='1', |
|
75 |
max_age=None, |
|
76 |
domain=domain, |
|
77 |
secure=app_settings.A2_OPENED_SESSION_COOKIE_SECURE, |
|
78 |
samesite='Lax', |
|
79 |
) |
|
73 |
if name not in request.COOKIES: |
|
74 |
response.set_cookie( |
|
75 |
name, |
|
76 |
value=uuid.uuid4().hex, |
|
77 |
max_age=None, |
|
78 |
domain=domain, |
|
79 |
secure=app_settings.A2_OPENED_SESSION_COOKIE_SECURE, |
|
80 |
samesite='Lax', |
|
81 |
) |
|
80 | 82 |
elif app_settings.A2_OPENED_SESSION_COOKIE_NAME in request.COOKIES: |
81 | 83 |
response.delete_cookie(name, domain=domain) |
82 | 84 |
return response |
83 |
- |