aboutsummaryrefslogtreecommitdiffstats
path: root/backend/routes/forms/submit.py
diff options
context:
space:
mode:
authorGravatar Hassan Abouelela <[email protected]>2021-03-06 23:19:08 +0300
committerGravatar Hassan Abouelela <[email protected]>2021-03-06 23:19:08 +0300
commit013ea9006352ed714cbbd561880770062ea3a0e9 (patch)
tree0cf23deeb078b91824b2ec72e75b2803be263613 /backend/routes/forms/submit.py
parentMerge pull request #58 from python-discord/token-expiry (diff)
Sets Token Cookie To Same Site To Lax
Sets the authorization token cookie's security policy to lax, to allow it to work on the site. Signed-off-by: Hassan Abouelela <[email protected]>
Diffstat (limited to 'backend/routes/forms/submit.py')
-rw-r--r--backend/routes/forms/submit.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/backend/routes/forms/submit.py b/backend/routes/forms/submit.py
index 8680b2d..8803b7c 100644
--- a/backend/routes/forms/submit.py
+++ b/backend/routes/forms/submit.py
@@ -76,7 +76,7 @@ class SubmitForm(Route):
response.set_cookie(
"token", f"JWT {request.user.token}",
- secure=constants.PRODUCTION, httponly=True, samesite="strict",
+ secure=constants.PRODUCTION, httponly=True, samesite="lax",
max_age=(expiry - datetime.datetime.now()).seconds
)