From b0583b490590bb29edd291813e3078fc042dfb33 Mon Sep 17 00:00:00 2001
From: SKairinos
Date: Thu, 5 Oct 2023 16:07:29 +0100
Subject: [PATCH] fix: session cookie and drf request
---
 codeforlife/request.py | 6 ++++++
 codeforlife/settings/django.py | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/codeforlife/request.py b/codeforlife/request.py
index 7ed4ee38..901bed6e 100644
--- a/codeforlife/request.py
+++ b/codeforlife/request.py
@@ -3,6 +3,7 @@
 from django.contrib.auth.models import AnonymousUser
 from django.core.handlers.wsgi import WSGIRequest as _WSGIRequest
 from django.http import HttpRequest as _HttpRequest
+from rest_framework.request import Request as _Request
 from .user.models import User
 from .user.models.session import SessionStore
@@ -16,3 +17,8 @@ class WSGIRequest(_WSGIRequest):
 class HttpRequest(_HttpRequest):
 session: SessionStore
 user: t.Union[User, AnonymousUser]
+
+
+class Request(_Request):
+ session: SessionStore
+ user: t.Union[User, AnonymousUser]
diff --git a/codeforlife/settings/django.py b/codeforlife/settings/django.py
index fa5821eb..51a8beb2 100644
--- a/codeforlife/settings/django.py
+++ b/codeforlife/settings/django.py
@@ -35,9 +35,11 @@
 # https://docs.djangoproject.com/en/3.2/topics/http/sessions/
 SESSION_ENGINE = "codeforlife.user.models.session"
-SESSION_COOKIE_AGE = 60 * 60
 SESSION_SAVE_EVERY_REQUEST = True
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_COOKIE_NAME = "sessionid_httponly_true"
+SESSION_COOKIE_HTTPONLY = True
+SESSION_COOKIE_AGE = 60 * 60
 SESSION_COOKIE_SECURE = True
 SESSION_COOKIE_SAMESITE = "None"
 SESSION_COOKIE_DOMAIN = "localhost" if DEBUG else "codeforlife.education"
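Review bot: The new `Request(_Request)` class has no docstring saying what it is for, and as written it only adds two bare annotations, so it appears to exist purely to give `session` and `user` precise types on DRF requests. A one-line docstring such as `"""DRF request annotated with the project's session store and user types."""` would make that explicit. It is also worth a comment that the annotations must stay value-less: DRF exposes `user` as a property that runs authentication lazily, and assigning a class-level default here (for example `user = None`) would shadow it. The same two annotations are repeated on `HttpRequest` just above and, presumably, on `WSGIRequest`, whose body lies outside this hunk.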
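Review bot: The added `SESSION_COOKIE_NAME = "sessionid_httponly_true"` bakes a claim about the cookie's flags into its name, but nothing ties it to `SESSION_COOKIE_HTTPONLY` on the next line, so a later edit to either one silently makes the other misleading; a comment such as `# Name advertises the HttpOnly flag to clients; keep in sync with SESSION_COOKIE_HTTPONLY.` would record the intent. Renaming the cookie also means anything keyed on Django's default name `sessionid` (log or error-report scrubbing, proxy rules, tests) no longer matches and should be checked, and sessions held under the old name stop being read after deploy. Because the unchanged `SESSION_COOKIE_SAMESITE = "None"` lets this cookie travel on cross-site requests, HttpOnly only addresses script access to the value; the CSRF and CORS configuration, which is not visible in this hunk, still has to carry the cross-site protection.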