authorGravatar Hassan Abouelela <[email protected]>2021-03-07 00:07:19 +0300
committerGravatar Hassan Abouelela <[email protected]>2021-03-07 00:14:27 +0300
commit5bab39126bb6b764595a4e21b454249c01628588 (patch)
treece5b0f0499be2b0caee1fb3a03fd1cd58e6a2dee /backend/routes/forms/submit.py
parentRevert "Sets Token Cookie To Same Site To Lax" (diff)
Makes Helper To Handle Token SameSite Logic
Adds a helper method to allow tokens to work on deploy previews. Signed-off-by: Hassan Abouelela <[email protected]>
Diffstat (limited to 'backend/routes/forms/submit.py')
-rw-r--r--backend/routes/forms/submit.py9
1 files changed, 4 insertions, 5 deletions
diff --git a/backend/routes/forms/submit.py b/backend/routes/forms/submit.py
index 8680b2d..975307b 100644
--- a/backend/routes/forms/submit.py
+++ b/backend/routes/forms/submit.py
@@ -20,6 +20,7 @@ from backend import constants
from backend.authentication.user import User
from backend.models import Form, FormResponse
from backend.route import Route
+from backend.routes.auth.authorize import set_response_token
from backend.routes.forms.unittesting import execute_unittest
from backend.validation import ErrorMessage, api
@@ -74,11 +75,9 @@ class SubmitForm(Route):
except ValueError:
expiry = None
- response.set_cookie(
- "token", f"JWT {request.user.token}",
- secure=constants.PRODUCTION, httponly=True, samesite="strict",
- max_age=(expiry - datetime.datetime.now()).seconds
- )
+ origin = request.headers.get("origin")
+ expiry_seconds = (expiry - datetime.datetime.now()).seconds
+ await set_response_token(response, origin, request.user.token, expiry_seconds)
except httpx.HTTPStatusError:
pass
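Review bot: `expiry_seconds = (expiry - datetime.datetime.now()).seconds` carries over two problems from the removed `max_age` expression. If the `except ValueError` branch just above sets `expiry = None`, the subtraction raises TypeError (assuming both sit on the same path; the indentation is flattened here). Also, `.seconds` is only the seconds component of the timedelta, so a lifetime longer than a day is truncated and an already-expired token yields a positive cookie age. Guarding with `if expiry is not None:` and computing `expiry_seconds = max(int((expiry - datetime.datetime.now()).total_seconds()), 0)`, with the `set_response_token` call under the same guard, would address both. Separately, `origin` comes from a client-supplied header and may be None; `set_response_token` is not shown in this diff, so confirm it checks the value against a fixed allowlist before relaxing SameSite and keeps `Secure` set whenever it emits `SameSite=None`. The enclosing method starts and ends outside the hunk.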