fix(auth): allow custom session cookie name

This commit is contained in:
JOJO 2026-05-31 11:40:44 +08:00
parent fc70179b02
commit 5bdc60006d

View File

@ -254,6 +254,7 @@ if not _secret_key:
app.config['SECRET_KEY'] = _secret_key
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=12)
_cookie_secure_env = (os.environ.get("WEB_COOKIE_SECURE") or "").strip().lower()
app.config['SESSION_COOKIE_NAME'] = os.environ.get("WEB_SESSION_COOKIE_NAME", "session")
app.config['SESSION_COOKIE_SAMESITE'] = os.environ.get("WEB_COOKIE_SAMESITE", "Strict")
app.config['SESSION_COOKIE_SECURE'] = _cookie_secure_env in {"1", "true", "yes"}
app.config['SESSION_COOKIE_HTTPONLY'] = True