Skip to content

Commit 04f5da3

Browse files
ogabrielluizogabrielluiz
authored
Update cookie settings in login.py (#1371)
This pull request updates the cookie settings in the login.py file. Specifically, it removes the "secure" and "samesite" attributes from the response.set_cookie() function calls. This change ensures that the cookies are not restricted to secure connections only and are not limited to same-site requests.
2 parents eece7b6 + e63878b commit 04f5da3

File tree

2 files changed

+6
-6
lines changed

2 files changed

+6
-6
lines changed

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[tool.poetry]
22
name = "langflow"
3-
version = "0.6.5a11"
3+
version = "0.6.5a12"
44
description = "A Python package with a built-in web application"
55
authors = ["Logspace <[email protected]>"]
66
maintainers = [

src/backend/langflow/api/v1/login.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -33,8 +33,8 @@ async def login_to_get_access_token(
3333

3434
if user:
3535
tokens = create_user_tokens(user_id=user.id, db=db, update_last_login=True)
36-
response.set_cookie("refresh_token_lf", tokens["refresh_token"], httponly=True, secure=True)
37-
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False, secure=True)
36+
response.set_cookie("refresh_token_lf", tokens["refresh_token"], httponly=True)
37+
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False)
3838
return tokens
3939
else:
4040
raise HTTPException(
@@ -50,7 +50,7 @@ async def auto_login(
5050
):
5151
if settings_service.auth_settings.AUTO_LOGIN:
5252
tokens = create_user_longterm_token(db)
53-
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False, secure=True, samesite="strict")
53+
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False)
5454
return tokens
5555

5656
raise HTTPException(
@@ -67,8 +67,8 @@ async def refresh_token(request: Request, response: Response):
6767
token = request.cookies.get("refresh_token_lf")
6868
if token:
6969
tokens = create_refresh_token(token)
70-
response.set_cookie("refresh_token_lf", tokens["refresh_token"], httponly=True, secure=True, samesite="strict")
71-
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False, secure=True, samesite="strict")
70+
response.set_cookie("refresh_token_lf", tokens["refresh_token"], httponly=True)
71+
response.set_cookie("access_token_lf", tokens["access_token"], httponly=False)
7272
return tokens
7373
else:
7474
raise HTTPException(

0 commit comments

Comments
 (0)