feat: implement cross-tab coordination for token refresh and enhance logout handling
All checks were successful
Chore App Build, Test, and Push Docker Images / build-and-push (push) Successful in 3m57s
All checks were successful
Chore App Build, Test, and Push Docker Images / build-and-push (push) Successful in 3m57s
This commit is contained in:
@@ -99,7 +99,11 @@ def _create_refresh_token(user_id: str, token_family: str | None = None) -> tupl
|
||||
def _set_auth_cookies(resp, access_token: str, raw_refresh_token: str):
|
||||
"""Set both access and refresh token cookies on a response."""
|
||||
expiry_days = current_app.config['REFRESH_TOKEN_EXPIRY_DAYS']
|
||||
resp.set_cookie('access_token', access_token, httponly=True, secure=True, samesite='Strict')
|
||||
resp.set_cookie(
|
||||
'access_token', access_token,
|
||||
httponly=True, secure=True, samesite='Lax',
|
||||
max_age=ACCESS_TOKEN_EXPIRY_MINUTES * 60,
|
||||
)
|
||||
resp.set_cookie(
|
||||
'refresh_token', raw_refresh_token,
|
||||
httponly=True, secure=True, samesite='Strict',
|
||||
|
||||
Reference in New Issue
Block a user