Set authentication cookie path relative to X-Forwarded-Prefix when running via reverse proxy subdirectory (#446)

pull/447/head
dgtlmoon 3 years ago committed by GitHub
parent 46c72a7fb3
commit 3be1f4ea44
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -250,6 +250,11 @@ def changedetection_app(config=None, datastore_o=None):
# (No password in settings or env var)
app.config['LOGIN_DISABLED'] = datastore.data['settings']['application']['password'] == False and os.getenv("SALTED_PASS", False) == False
# Set the auth cookie path if we're running as X-settings/X-Forwarded-Prefix
if os.getenv('USE_X_SETTINGS') and 'X-Forwarded-Prefix' in request.headers:
app.config['REMEMBER_COOKIE_PATH'] = request.headers['X-Forwarded-Prefix']
app.config['SESSION_COOKIE_PATH'] = request.headers['X-Forwarded-Prefix']
# For the RSS path, allow access via a token
if request.path == '/rss' and request.args.get('token'):
app_rss_token = datastore.data['settings']['application']['rss_access_token']

Loading…
Cancel
Save