| """ |
| Session management routes |
| """ |
| from fastapi import APIRouter, Header, Cookie, Response, Request |
| from typing import Optional |
| import uuid |
|
|
| from app.core.database import create_new_session_id |
| from app.config import settings |
|
|
# Every route declared on this router is served under the /session prefix
# and grouped under the "Session" tag.
router = APIRouter(
    prefix="/session",
    tags=["Session"],
)
|
|
|
|
|
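@router.post("/create")
def create_session(response: Response, request: Request):
    """Create a new session, store its id in a cookie and return it.

    The cookie attributes come from ``settings.cookie_secure`` and
    ``settings.cookie_samesite``. When the request did not arrive over
    HTTPS, the ``Secure`` flag is dropped so the cookie is still stored
    on plain-HTTP setups.

    Args:
        response: Response object the ``numidium_session`` cookie is set on.
        request: Incoming request, used to determine the client-facing scheme.

    Returns:
        A dict of the form ``{"session_id": <new id>}``.
    """
    session_id = create_new_session_id()
    secure = settings.cookie_secure
    samesite = settings.cookie_samesite

    # NOTE(review): X-Forwarded-Proto is only meaningful when a reverse proxy
    # we control sets or overwrites it. If the app is reachable without such a
    # proxy, the requester chooses this value and can get the Secure flag
    # dropped from their cookie. Confirm the deployment strips the
    # client-supplied header.
    forwarded_proto = request.headers.get("x-forwarded-proto")
    if forwarded_proto:
        # Chained proxies may send a comma-separated list ("https, http") and
        # casing is not guaranteed; the first entry is the client-facing hop.
        proto = forwarded_proto.split(",", 1)[0].strip().lower()
    else:
        proto = request.url.scheme

    if secure and proto != "https":
        secure = False
        # Browsers reject SameSite=None without Secure, so only that value
        # needs a fallback. A configured "strict" is kept and not weakened.
        if isinstance(samesite, str) and samesite.lower() == "none":
            samesite = "lax"

    response.set_cookie(
        key="numidium_session",
        value=session_id,
        # One year. NOTE(review): long-lived for a session identifier;
        # confirm expiry or rotation is enforced server-side.
        max_age=60 * 60 * 24 * 365,
        httponly=True,
        samesite=samesite,
        secure=secure,
    )
    # NOTE(review): the id is also returned in the body, so page script can
    # read it even though the cookie is HttpOnly. Presumably needed for the
    # X-Session-Id header flow accepted by GET /session/current; verify.
    return {"session_id": session_id}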
|
|
|
|
@router.get("/current")
def get_current_session(
    numidium_session: Optional[str] = Cookie(None),
    x_session_id: Optional[str] = Header(None),
):
    """Report the session id supplied with the request.

    The ``X-Session-Id`` header is preferred. The ``numidium_session``
    cookie is used only when the header is missing or empty.

    Returns:
        ``{"session_id": <id>}`` when an id was supplied, otherwise
        ``{"session_id": None, "message": ...}`` pointing the caller at
        ``POST /session/create``.
    """
    # NOTE(review): the value is echoed back as received. Nothing in this
    # handler checks that it names an existing session. Returning the cookie
    # value also exposes the HttpOnly cookie's contents to page script.
    # Confirm both are intended.
    resolved = x_session_id if x_session_id else numidium_session

    if resolved:
        return {"session_id": resolved}

    return {"session_id": None, "message": "No session. Call POST /session/create"}
|
|
|