Abhishek Thakur
commited on
Commit
·
1845cc4
1
Parent(s):
3b4df92
remove same site
Browse files- competitions/oauth.py +5 -1
competitions/oauth.py
CHANGED
|
@@ -32,7 +32,11 @@ def attach_oauth(app: fastapi.FastAPI):
|
|
| 32 |
session_secret = (OAUTH_CLIENT_SECRET or "") + "-v4"
|
| 33 |
# ^ if we change the session cookie format in the future, we can bump the version of the session secret to make
|
| 34 |
# sure cookies are invalidated. Otherwise some users with an old cookie format might get a HTTP 500 error.
|
| 35 |
-
app.add_middleware(
|
|
|
|
|
|
|
|
|
|
|
|
|
| 36 |
|
| 37 |
|
| 38 |
def _add_oauth_routes(app: fastapi.FastAPI) -> None:
|
|
|
|
| 32 |
session_secret = (OAUTH_CLIENT_SECRET or "") + "-v4"
|
| 33 |
# ^ if we change the session cookie format in the future, we can bump the version of the session secret to make
|
| 34 |
# sure cookies are invalidated. Otherwise some users with an old cookie format might get a HTTP 500 error.
|
| 35 |
+
app.add_middleware(
|
| 36 |
+
SessionMiddleware,
|
| 37 |
+
secret_key=hashlib.sha256(session_secret.encode()).hexdigest(),
|
| 38 |
+
https_only=True,
|
| 39 |
+
)
|
| 40 |
|
| 41 |
|
| 42 |
def _add_oauth_routes(app: fastapi.FastAPI) -> None:
|