“shubhamdhamal” commited on
Commit ·
5985dd1
1
Parent(s): 4e0a43b
Temporarily disable CSRF to debug session issues
- config.py +5 -4
- web_app/__init__.py +0 -8
- web_app/auth_routes.py +1 -9
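--- a/config.py
+++ b/config.py
@@ -20,10 +20,11 @@ class Config:
 'sqlite:///' + os.path.join(basedir, 'instance', 'app.db')
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 
-# WTF CSRF Settings
-
-
-
+# WTF CSRF Settings - Temporarily disabled due to HF Spaces session issues
+# TODO: Re-enable after figuring out session persistence
+WTF_CSRF_ENABLED = False # Disable CSRF for now - will re-enable with fix
+WTF_CSRF_TIME_LIMIT = None # No time limit if needed
+WTF_CSRF_SSL_STRICT = False
 
 # Session configuration - CRITICAL for CSRF to work
 SESSION_COOKIE_HTTPONLY = True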
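Review bot: `WTF_CSRF_ENABLED = False` on new line 25 is set in the base `Config` class, so every environment that loads this config loses CSRF validation on its forms, not only the Hugging Face Space being debugged, and nothing but the TODO guarantees it gets switched back. Keep the default on and make the opt-out explicit and scoped to the one deployment, e.g. `WTF_CSRF_ENABLED = os.environ.get('WTF_CSRF_ENABLED', 'true').lower() != 'false'`. `WTF_CSRF_TIME_LIMIT = None` and `WTF_CSRF_SSL_STRICT = False` on lines 26-27 remain in force once CSRF is re-enabled; they remove token expiry and the HTTPS referrer check, so they should be dropped or given a comment stating why they are needed. If the session loss comes from the Space being served inside a cross-site frame (an assumption, not visible here), the session-cookie settings below this hunk are the place to fix it rather than CSRF. The `Config` class starts and continues outside this hunk.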
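--- a/web_app/__init__.py
+++ b/web_app/__init__.py
@@ -67,14 +67,6 @@ def create_app(config_class=Config):
 db.init_app(app)
 login_manager.init_app(app)
 migrate.init_app(app, db)
-
-# Ensure session is always started (required for CSRF tokens)
-@app.before_request
-def ensure_session():
-from flask import session
-if '_csrf_token' not in session:
-session['_csrf_token'] = True
-session.modified = True
 
 # Initialize Redis connection for RQ
 try: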
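--- a/web_app/auth_routes.py
+++ b/web_app/auth_routes.py
@@ -1,4 +1,4 @@
-from flask import Blueprint, render_template, redirect, url_for, flash, request, jsonify
+from flask import Blueprint, render_template, redirect, url_for, flash, request, jsonify
 from flask_login import login_user, logout_user, login_required, current_user
 # Assuming db and login_manager are initialized in __init__.py
 from web_app import db, login_manager
@@ -15,10 +15,6 @@ bp = Blueprint('auth', __name__, template_folder='templates/auth')
 
 @bp.route('/register', methods=['GET', 'POST'])
 def register():
-# Ensure session is initialized for CSRF token
-session.setdefault('_csrf_init', True)
-session.modified = True
-
 if current_user.is_authenticated:
 return redirect('/') # Redirect to React homepage
 
@@ -54,10 +50,6 @@ def register():
 
 @bp.route('/login', methods=['GET', 'POST'])
 def login():
-# Ensure session is initialized for CSRF token
-session.setdefault('_csrf_init', True)
-session.modified = True
-
 if current_user.is_authenticated:
 return redirect('/')
 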