2 files changed +14
-1
lines changed Original file line number Diff line number Diff line change @@ -234,7 +234,18 @@ def post(self, request):
234
234
return redirect ("welcome" )
235
235
236
236
next_page = request .POST .get ("next" , request .GET .get ("next" , default_next_page ))
237
- return redirect (next_page )
237
+
238
+ response = redirect (next_page )
239
+ response .set_cookie (
240
+ "ion_authenticated" ,
241
+ value = settings .ION_AUTHENTICATED_COOKIE_VALUE ,
242
+ max_age = 60 * 60 * 24 * 365 * 5 , # 5 years
243
+ secure = True ,
244
+ httponly = True ,
245
+ samesite = "Lax" ,
246
+ )
247
+
248
+ return response
238
249
else :
239
250
log_auth (request , "failed" )
240
251
logger .info ("Login failed as %s" , request .POST .get ("username" , "unknown" ))
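Review bot: The `ion_authenticated` cookie set on the success path of `post()` carries a single static value that is identical for every user and is valid for five years, so any client that has logged in once can copy and replay it indefinitely. Whatever consumes it at the balancer should treat it only as a rate-limiting hint, never as proof of an authenticated session. I would say so in a comment above `response.set_cookie(`, e.g. `# Not an auth signal: shared static value read only by the balancer for rate limiting; rotate ION_AUTHENTICATED_COOKIE_VALUE if it leaks.` If the balancer can verify one, a per-user signed value with a much shorter `max_age` would bound replay. `post()` begins and ends outside the hunk, so whether the cookie is cleared on logout cannot be seen here.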
Original file line number Diff line number Diff line change 156
156
SESSION_COOKIE_SECURE = PRODUCTION
157
157
CSRF_COOKIE_SECURE = PRODUCTION
158
158
159
+ ION_AUTHENTICATED_COOKIE_VALUE = "ion_dev_test" # Set to a random value in production. Used for balancer rate limiting.
160
+
159
161
if not PRODUCTION :
160
162
# We don't care about session security when running a testing instance.
161
163
SECRET_KEY = "_5kc##e7(!4=4)h4slxlgm010l+43zd_84g@82771ay6no-1&i"
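Review bot: `ION_AUTHENTICATED_COOKIE_VALUE` defaults to the committed placeholder `"ion_dev_test"`, and nothing visible forces production to override it; the only safeguard is the trailing comment. If the production override is ever missing, the value the balancer keys on is the one published in the repository. A fail-closed check placed after the point where production secrets are loaded (outside this hunk) would catch that: `if PRODUCTION and ION_AUTHENTICATED_COOKIE_VALUE == "ion_dev_test": raise ImproperlyConfigured("ION_AUTHENTICATED_COOKIE_VALUE must be overridden in production")`.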