wip

app.py

@@ -1,3 +1,4 @@
+from http.cookies import SimpleCookie
 import gradio as gr
 import pandas as pd
 from apscheduler.schedulers.background import BackgroundScheduler
@@ -177,15 +178,29 @@ def add_solution_cbk(
 #     return gr.update(visible=False), gr.update(visible=True)
 
 
-def gate_submission(oauth_token: gr.OAuthToken | None):
+def gate_submission(oauth_token: gr.OAuthToken | None, request: gr.Request):
     """
     @brief Toggles the visibility of the login box and submission panel based on the user's login status.
     """
+    # Log cookie sizes
+    cookies = request.headers.get("cookie", "")
+    cookie_obj = SimpleCookie()
+    try:
+        cookie_obj.load(cookies)
+        for key in ["spaces-jwt", "session"]:
+            if key in cookie_obj:
+                cookie_size = len(cookie_obj[key].OutputString().encode('utf-8'))
+                logger.info(f"Cookie {key} size: {cookie_size} bytes")
+    except Exception as e:
+        logger.error(f"Error parsing cookies: {str(e)}")
+
     logger.info("GATE TOKEN %s", oauth_token)
     if oauth_token is None:
         logger.info("GATE: NO TOKEN")
         return gr.update(visible=True), gr.update(visible=False), gr.update(visible=False)
     try:
+        token_size = len(oauth_token.token.encode('utf-8'))
+        logger.info(f"Token size: {token_size} bytes")
         whoami(oauth_token.token)
         logger.info("GATE: TOKEN IS VALID")
         return gr.update(visible=False), gr.update(visible=False), gr.update(visible=True)
@@ -193,6 +208,16 @@ def gate_submission(oauth_token: gr.OAuthToken | None):
         logger.info("GATE: TOKEN HAS EXPIRED")
         return gr.update(visible=False), gr.update(visible=True), gr.update(visible=False)
 
+# Custom route to force clear HttpOnly cookies
+def clear_cookies():
+    response = gr.HTTPResponse()
+    response.headers["Set-Cookie"] = [
+        "spaces-jwt=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Domain=" + os.environ.get("SPACE_HOST", ""),
+        "session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Domain=" + os.environ.get("SPACE_HOST", "")
+    ]
+    response.redirect = "/?t=" + str(int(os.times().elapsed * 1000))
+    return response
+
 
 def get_theme():
     cyber_theme = Base(
@@ -288,7 +313,13 @@ with blocks:
             with logout_box:
                 gr.Markdown("Your session has EXPIRED. Please sign in again")
 #                gr.Button("Manual Logout", link="/logout")
-                gr.HTML(JS_LOGOUT)
+                #gr.HTML(JS_LOGOUT)
+                # Manual logout link to server-side /logout
+                gr.HTML('<a href="/logout?redirect=/" style="display: inline-block; padding: 10px; background: #ff4d4f; color: white; text-decoration: none; border-radius: 5px;">Logout (via /logout)</a>')
+    
+                 # Custom clear cookies link
+                gr.HTML('<a href="/clear-cookies" style="display: inline-block; padding: 10px; background: #ff6666; color: white; text-decoration: none; border-radius: 5px; margin-left: 10px;">Clear Cookies</a>')
+
 
             # Shown when logged IN
             submit_panel = gr.Group(visible=False)
@@ -342,6 +373,8 @@ with blocks:
     # blocks.load(gate_submission, inputs=None, outputs=[login_box, submit_panel])
     blocks.load(gate_submission, inputs=None, outputs=[login_box, logout_box, submit_panel])
 
+    blocks.route("/clear-cookies", clear_cookies)
+
 
 logger.info("Scheduler")
 scheduler = BackgroundScheduler()