Add proper cookie expiry time to Login route

2024-11-10 12:13:56 -06:00
parent 32645a588a
commit 00a3643079
2 changed files with 4 additions and 2 deletions


@@ -102,14 +102,15 @@ async def login(body: LoginBody, response: Response):
# Create session # Create session
token = Session.generate_token() token = Session.generate_token()
session_duration = remember_me_session_expiry if body.remember_me else default_session_expiry
session = Session.create( session = Session.create(
token=token, token=token,
user=user, user=user,
expiry=utc_now() + (remember_me_session_expiry if body.remember_me else default_session_expiry), expiry=utc_now() + session_duration,
) )
# Set Cookie of session token # Set Cookie of session token
response.set_cookie("session", token, samesite="strict") response.set_cookie("session", token, samesite="strict", max_age=int(session_duration.total_seconds()))
return {"email": user.email, "expiry": session.expiry} return {"email": user.email, "expiry": session.expiry}
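Review bot: The `response.set_cookie(...)` call still issues the session token without `httponly=True` or `secure=True`, so the cookie stays readable from page script and may be sent over plain HTTP; adding `max_age` lengthens how long such a token sits in the browser, especially on the remember-me path. I would change the line to `response.set_cookie("session", token, samesite="strict", httponly=True, secure=True, max_age=int(session_duration.total_seconds()))`, with `secure` driven by configuration if local development runs over HTTP. `max_age` is only a hint to the client, so the server-side check against `session.expiry` (not visible in this hunk) remains the real enforcement and should be confirmed. The body of `login` starts outside the hunk, so earlier validation was not reviewed.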


@@ -25,6 +25,7 @@ def test_auth_login(user):
response = client.post("/api/login", json=args) response = client.post("/api/login", json=args)
assert response.status_code == status.HTTP_200_OK assert response.status_code == status.HTTP_200_OK
test_expiry(response, 0.5) test_expiry(response, 0.5)
assert client.cookies.get("session") is not None
# Remember Me, True # Remember Me, True
response = client.post("/api/login", json={**args, "remember_me": True}) response = client.post("/api/login", json={**args, "remember_me": True})