Fix login logout on safari (#2309)
* fix: relax security level for public cookies * fix: corner case for logout
@@ -535,9 +535,7 @@ def register_exception_handlers(app: FastAPI):
|
|||||||
response = RedirectResponse("/")
|
response = RedirectResponse("/")
|
||||||
response.delete_cookie("cookie_access_token")
|
response.delete_cookie("cookie_access_token")
|
||||||
response.delete_cookie("is_lnbits_user_authorized")
|
response.delete_cookie("is_lnbits_user_authorized")
|
||||||
response.set_cookie(
|
response.set_cookie("is_access_token_expired", "true")
|
||||||
"is_access_token_expired", "true", samesite="none", secure=True
|
|
||||||
)
|
|
||||||
return response
|
return response
|
||||||
|
|
||||||
return template_renderer().TemplateResponse(
|
return template_renderer().TemplateResponse(
|
||||||
|
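Review bot: The new `response.set_cookie("is_access_token_expired", "true")` drops `secure=True` together with `samesite="none"`, although only the SameSite change is needed to get Starlette's default `samesite="lax"`, which is the behaviour Safari accepts; with `secure` gone the cookie is also sent over plain HTTP. Since this is a JS-readable flag rather than a credential, the relaxation is defensible, but that rationale lives only in the commit message, so a comment such as `# UI flag, not a secret: lax/no-secure so Safari and plain-HTTP dev setups see it` on the set_cookie line would stop a later reader from "hardening" it back and reintroducing the bug. If the handler has the request in scope it could keep the flag conditionally (`secure=request.url.scheme == "https"`), which I would raise as an option rather than a requirement. The same pattern appears in the `_auth_success_response`, `_auth_redirect_response` and `wallet` hunks below; the enclosing handler inside register_exception_handlers starts and ends outside this hunk.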
@@ -142,6 +142,8 @@ async def logout() -> JSONResponse:
|
|||||||
response.delete_cookie("cookie_access_token")
|
response.delete_cookie("cookie_access_token")
|
||||||
response.delete_cookie("is_lnbits_user_authorized")
|
response.delete_cookie("is_lnbits_user_authorized")
|
||||||
response.delete_cookie("is_access_token_expired")
|
response.delete_cookie("is_access_token_expired")
|
||||||
|
response.delete_cookie("lnbits_last_active_wallet")
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
|
||||||
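Review bot: With `response.delete_cookie("lnbits_last_active_wallet")` added, logout now enumerates four cookie names as bare string literals that are repeated at every set_cookie/delete_cookie site in this commit, so the set and delete paths can drift apart exactly the way this corner case did. A module-level constant per name (for example `COOKIE_ACCESS_TOKEN = "cookie_access_token"`) or a single tuple of session-cookie names iterated here would keep the two sides in sync. A short comment above the block naming this as the complete list of cookies that make up a browser session would also help; logout's body starts outside the hunk.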
@@ -286,9 +288,7 @@ def _auth_success_response(
|
|||||||
)
|
)
|
||||||
response = JSONResponse({"access_token": access_token, "token_type": "bearer"})
|
response = JSONResponse({"access_token": access_token, "token_type": "bearer"})
|
||||||
response.set_cookie("cookie_access_token", access_token, httponly=True)
|
response.set_cookie("cookie_access_token", access_token, httponly=True)
|
||||||
response.set_cookie(
|
response.set_cookie("is_lnbits_user_authorized", "true")
|
||||||
"is_lnbits_user_authorized", "true", samesite="none", secure=True
|
|
||||||
)
|
|
||||||
response.delete_cookie("is_access_token_expired")
|
response.delete_cookie("is_access_token_expired")
|
||||||
|
|
||||||
return response
|
return response
|
||||||
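Review bot: The context line `response.set_cookie("cookie_access_token", access_token, httponly=True)` shows that the credential-bearing cookie is set without `secure`, so after this change none of the three cookies in `_auth_success_response` carries the Secure attribute, and the access token can be sent over plain HTTP. That is pre-existing rather than introduced here, but since the commit deliberately weakens the two public flag cookies it is worth recording which cookie actually matters: `# bearer token: httponly; secure should follow the deployment scheme` on that line, with the value driven by configuration or `request.url.scheme` rather than hard-coded, would make the distinction explicit. The same applies to the identical lines in `_auth_redirect_response` in the next hunk; `_auth_success_response` starts outside this hunk.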
@@ -298,9 +298,7 @@ def _auth_redirect_response(path: str, email: str) -> RedirectResponse:
|
|||||||
access_token = create_access_token(data={"sub": "" or "", "email": email})
|
access_token = create_access_token(data={"sub": "" or "", "email": email})
|
||||||
response = RedirectResponse(path)
|
response = RedirectResponse(path)
|
||||||
response.set_cookie("cookie_access_token", access_token, httponly=True)
|
response.set_cookie("cookie_access_token", access_token, httponly=True)
|
||||||
response.set_cookie(
|
response.set_cookie("is_lnbits_user_authorized", "true")
|
||||||
"is_lnbits_user_authorized", "true", samesite="none", secure=True
|
|
||||||
)
|
|
||||||
response.delete_cookie("is_access_token_expired")
|
response.delete_cookie("is_access_token_expired")
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
@@ -221,9 +221,7 @@ async def wallet(
|
|||||||
"web_manifest": f"/manifest/{user.id}.webmanifest",
|
"web_manifest": f"/manifest/{user.id}.webmanifest",
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
resp.set_cookie(
|
resp.set_cookie("lnbits_last_active_wallet", wallet_id)
|
||||||
"lnbits_last_active_wallet", wallet_id, samesite="none", secure=True
|
|
||||||
)
|
|
||||||
return resp
|
return resp
|
||||||
|
|
||||||
|
|
||||||
|
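Review bot: `resp.set_cookie("lnbits_last_active_wallet", wallet_id)` writes the wallet id into a cookie without any comment on what reads it, and nothing in the hunk shows whether the server ever reads the value back. If it is only a client-side convenience (presumably, given the name), a comment such as `# client-side preference only; never trusted server-side` would document why lax/no-secure is acceptable here; if it is read server-side, the value must be re-validated against the authenticated user before use, since a cookie is attacker-controlled input. The enclosing wallet handler starts outside this hunk.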