Spaces:

vespa-engine
/

fasthtml-vespa

Running

thomasht86 commited on Aug 25, 2024

Commit

c652a68

verified ·

1 Parent(s): e517d53

deploy at 2024-08-25 08:02:27.625024

Files changed (1) hide show

main.py CHANGED Viewed

@@ -469,9 +469,10 @@ async def login(request: Request):
     if username == ADMIN_NAME and compare_digest(ADMIN_PWD.encode("utf-8"), password.encode("utf-8")):
         request.session["auth"] = True
         response = RedirectResponse("/admin", status_code=303)
         response.set_cookie(
-            "admin_auth",
-            request.session,
             max_age=3600,
             httponly=True,
             samesite='Lax',  # Try 'Lax' if 'None' doesn't work
@@ -684,7 +685,7 @@ def download_csv(request: Request):
 @app.route("/admin")
 async def admin(request: Request):
-    auth = request.cookies.get("admin_auth", None)
     if auth is None:
         return RedirectResponse("/login", status_code=303)

     if username == ADMIN_NAME and compare_digest(ADMIN_PWD.encode("utf-8"), password.encode("utf-8")):
         request.session["auth"] = True
         response = RedirectResponse("/admin", status_code=303)
+        # Set "set-cookie" in header
         response.set_cookie(
+            "session",
+            request.session["auth"],
             max_age=3600,
             httponly=True,
             samesite='Lax',  # Try 'Lax' if 'None' doesn't work
 @app.route("/admin")
 async def admin(request: Request):
+    auth = request.cookies.get("session", None)
     if auth is None:
         return RedirectResponse("/login", status_code=303)