Set sso_hint cookie on login, clear on logout
Some checks failed
Build and Deploy / build-and-deploy (push) Has been cancelled
Some checks failed
Build and Deploy / build-and-deploy (push) Has been cancelled
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
giles
@@ -196,11 +196,19 @@ def register(url_prefix="/auth"):
|
||||
qsession[SESSION_USER_KEY] = user_id
|
||||
|
||||
redirect_url = pop_login_redirect_target()
|
||||
return redirect(redirect_url, 303)
|
||||
resp = redirect(redirect_url, 303)
|
||||
resp.set_cookie(
|
||||
"sso_hint", "1",
|
||||
domain=".rose-ash.com", max_age=30 * 24 * 3600,
|
||||
secure=True, samesite="Lax", httponly=True,
|
||||
)
|
||||
return resp
|
||||
|
||||
@auth_bp.post("/logout/")
|
||||
async def logout():
|
||||
qsession.pop(SESSION_USER_KEY, None)
|
||||
return redirect(federation_url("/"))
|
||||
resp = redirect(federation_url("/"))
|
||||
resp.delete_cookie("sso_hint", domain=".rose-ash.com", path="/")
|
||||
return resp
|
||||
|
||||
return auth_bp
|
||||
|
||||
Reference in New Issue
Block a user