diff options
author | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-17 11:06:38 -0800 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-17 11:06:38 -0800 |
commit | 3c56a6c8da155f4675e48a6f5fa55b1cf9fb096a (patch) | |
tree | 23a4b7ec0b79bfccfcc4a4e6c6fbd3f727340a30 /python | |
parent | 9cfa0009f9d291064e5faa0478b8ddf0143aea20 (diff) | |
download | fatcat-3c56a6c8da155f4675e48a6f5fa55b1cf9fb096a.tar.gz fatcat-3c56a6c8da155f4675e48a6f5fa55b1cf9fb096a.zip |
make token logins (and cookies in general) work locally/dev
Diffstat (limited to 'python')
-rw-r--r-- | python/env.example | 3 | ||||
-rw-r--r-- | python/fatcat_web/web_config.py | 11 |
2 files changed, 8 insertions, 6 deletions
diff --git a/python/env.example b/python/env.example index c986b9d2..9896dc86 100644 --- a/python/env.example +++ b/python/env.example @@ -1,4 +1,5 @@ -FLASK_SECRET_KEY="" +FLASK_SECRET_KEY="TODO-REPLACE-ME" +FATCAT_DOMAIN="dev.fatcat.wiki" # This key used in tests FATCAT_API_AUTH_TOKEN="AgEPZGV2LmZhdGNhdC53aWtpAhYyMDE5MDEwMS1kZXYtZHVtbXkta2V5AAImZWRpdG9yX2lkID0gYWFhYWFhYWFhYWFhYmt2a2FhYWFhYWFhYWkAAht0aW1lID4gMjAxOS0wMS0wOVQwMDo1Nzo1MloAAAYgnroNha1hSftChtxHGTnLEmM/pY8MeQS/jBSV0UNvXug=" FATCAT_API_HOST="http://localhost:9411/v0" diff --git a/python/fatcat_web/web_config.py b/python/fatcat_web/web_config.py index cbe519b0..9ce32ed7 100644 --- a/python/fatcat_web/web_config.py +++ b/python/fatcat_web/web_config.py @@ -19,7 +19,7 @@ class Config(object): GIT_REVISION = subprocess.check_output(["git", "describe", "--always"]).strip().decode('utf-8') # This is, effectively, the QA/PROD flag - FATCAT_DOMAIN = os.environ.get("FATCAT_DOMAIN", default="qa.fatcat.wiki") + FATCAT_DOMAIN = os.environ.get("FATCAT_DOMAIN", default="dev.fatcat.wiki") FATCAT_API_AUTH_TOKEN = os.environ.get("FATCAT_API_AUTH_TOKEN", default=None) FATCAT_API_HOST = os.environ.get("FATCAT_API_HOST", default="https://{}/v0".format(FATCAT_DOMAIN)) @@ -39,10 +39,11 @@ class Config(object): IA_XAUTH_CLIENT_SECRET = os.environ.get("IA_XAUTH_CLIENT_SECRET", default=None) # protect cookies (which include API tokens) - SESSION_COOKIE_HTTPONLY = True - SESSION_COOKIE_SECURE = True - SESSION_COOKIE_SAMESITE = 'Lax' - PERMANENT_SESSION_LIFETIME = 2678400 # 31 days, in seconds + if FATCAT_DOMAIN != "dev.fatcat.wiki": + SESSION_COOKIE_HTTPONLY = True + SESSION_COOKIE_SECURE = True + SESSION_COOKIE_SAMESITE = 'Lax' + PERMANENT_SESSION_LIFETIME = 2678400 # 31 days, in seconds try: GIT_RELEASE = raven.fetch_git_sha('..') |