yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-05 23:08:25 +02:00
Code Issues Releases Wiki Activity

Resolve "Use cookies instead of local storage for auth in Web UI"

Browse source
This commit is contained in:
Eliot Berriot 2019-03-13 16:50:49 +01:00
parent c0055b3b20
commit c395076fce
18 changed files with 203 additions and 153 deletions
Download patch file Download diff file Expand all files Collapse all files

4
api/config/settings/common.py
View file

@ -330,7 +330,7 @@ AUTHENTICATION_BACKENDS = (
"funkwhale_api.users.auth_backends.ModelBackend",
"allauth.account.auth_backends.AuthenticationBackend",
)
SESSION_COOKIE_HTTPONLY = False
SESSION_COOKIE_HTTPONLY = True
# Some really nice defaults
ACCOUNT_AUTHENTICATION_METHOD = "username_email"
ACCOUNT_EMAIL_REQUIRED = True
@ -537,7 +537,7 @@ MUSICBRAINZ_HOSTNAME = env("MUSICBRAINZ_HOSTNAME", default="musicbrainz.org")
# Custom Admin URL, use {% url 'admin:index' %}
ADMIN_URL = env("DJANGO_ADMIN_URL", default="^api/admin/")
CSRF_USE_SESSIONS = True
CSRF_USE_SESSIONS = False
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
# Playlist settings