Commit
·
1c1facd
1
Parent(s):
be074f1
Add HF Spaces specific session configuration
Based on HF official recommendations and security practices:
- Use environment-specific session middleware config
- HF Spaces: same_site='none', https_only=True, custom cookie name
- Add detailed HF Spaces session debugging with cookies and headers
- Shorter session expiry for HF Spaces (1 hour vs 24 hours)
- Explicit path and domain settings for HF proxy compatibility
This addresses known HF Spaces proxy/middleware session issues.
- backend/app.py +27 -7
- backend/dependencies.py +25 -2
backend/app.py
CHANGED
|
@@ -56,14 +56,34 @@ app.add_middleware(
|
|
| 56 |
)
|
| 57 |
|
| 58 |
# Add session middleware (second, so auth can read session data)
|
|
|
|
| 59 |
session_secret = os.getenv("SESSION_SECRET_KEY") or secrets.token_urlsafe(32)
|
| 60 |
-
|
| 61 |
-
|
| 62 |
-
|
| 63 |
-
|
| 64 |
-
|
| 65 |
-
|
| 66 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 67 |
|
| 68 |
# Add conditional authentication middleware (after session)
|
| 69 |
# TEMPORARILY DISABLED for debugging session issues
|
|
|
|
| 56 |
)
|
| 57 |
|
| 58 |
# Add session middleware (second, so auth can read session data)
|
| 59 |
+
# HF Spaces specific session configuration
|
| 60 |
session_secret = os.getenv("SESSION_SECRET_KEY") or secrets.token_urlsafe(32)
|
| 61 |
+
|
| 62 |
+
# Detect if running in HF Spaces and adjust session config accordingly
|
| 63 |
+
from utils.environment import is_huggingface_space
|
| 64 |
+
if is_huggingface_space():
|
| 65 |
+
# HF Spaces optimized session configuration
|
| 66 |
+
logger.info("ποΈ Configuring session middleware for HF Spaces environment")
|
| 67 |
+
app.add_middleware(
|
| 68 |
+
SessionMiddleware,
|
| 69 |
+
secret_key=session_secret,
|
| 70 |
+
max_age=3600, # Shorter expiry for HF Spaces (1 hour)
|
| 71 |
+
same_site="none", # More permissive for HF Spaces proxy
|
| 72 |
+
https_only=True, # HF Spaces uses HTTPS
|
| 73 |
+
session_cookie="hf_session", # Custom cookie name for HF Spaces
|
| 74 |
+
path="/", # Explicit path
|
| 75 |
+
domain=None, # Let HF Spaces handle domain
|
| 76 |
+
)
|
| 77 |
+
else:
|
| 78 |
+
# Local development session configuration
|
| 79 |
+
logger.info("π Configuring session middleware for local development")
|
| 80 |
+
app.add_middleware(
|
| 81 |
+
SessionMiddleware,
|
| 82 |
+
secret_key=session_secret,
|
| 83 |
+
max_age=86400, # 24 hours for local dev
|
| 84 |
+
same_site="lax", # Better for OAuth redirects
|
| 85 |
+
https_only=False, # HTTP for local dev
|
| 86 |
+
)
|
| 87 |
|
| 88 |
# Add conditional authentication middleware (after session)
|
| 89 |
# TEMPORARILY DISABLED for debugging session issues
|
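Review bot: `same_site="none"` in the HF Spaces branch makes the browser send `hf_session` on cross-site requests, so the cookie no longer gives any CSRF protection, and the inline comment "More permissive for HF Spaces proxy" does not say that. If the setting is needed because the Space is rendered in a frame on another origin (likely, but not visible here), say so in the comment, e.g. `same_site="none",  # required for cross-site iframe embedding; CSRF must be checked per route`, and make sure state-changing routes validate a CSRF token or the `Origin` header. The unchanged context line above falls back to `secrets.token_urlsafe(32)` when `SESSION_SECRET_KEY` is unset, which gives every process its own signing key and invalidates sessions on restart or across workers; in the HF branch I would log a warning or refuse to start when the variable is missing. `path="/"` and `domain=None` appear to restate the middleware defaults (assuming this is Starlette's `SessionMiddleware`), so they should not change behaviour.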
backend/dependencies.py
CHANGED
|
@@ -120,8 +120,31 @@ def get_current_user_optional(request: Request) -> Optional[Dict[str, Any]]:
|
|
| 120 |
else:
|
| 121 |
# Add detailed debugging for session contents
|
| 122 |
session_keys = list(request.session.keys()) if hasattr(request.session, 'keys') else []
|
| 123 |
-
logger.
|
| 124 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 125 |
return None
|
| 126 |
except Exception as e:
|
| 127 |
logger.error(f"Session access failed: {e}")
|
|
|
|
| 120 |
else:
|
| 121 |
# Add detailed debugging for session contents
|
| 122 |
session_keys = list(request.session.keys()) if hasattr(request.session, 'keys') else []
|
| 123 |
+
logger.warning(f"π No user found in session for {request.url.path}. Session keys: {session_keys}")
|
| 124 |
+
|
| 125 |
+
# HF Spaces specific debugging
|
| 126 |
+
from utils.environment import is_huggingface_space
|
| 127 |
+
if is_huggingface_space():
|
| 128 |
+
# Log HF-specific session debugging info
|
| 129 |
+
cookies = request.cookies
|
| 130 |
+
logger.warning(f"πͺ HF Spaces cookies: {list(cookies.keys())}")
|
| 131 |
+
logger.warning(f"πͺ Session cookie present: {'hf_session' in cookies}")
|
| 132 |
+
|
| 133 |
+
# Check if session middleware is properly initialized
|
| 134 |
+
session_data = dict(request.session) if hasattr(request.session, 'keys') else {}
|
| 135 |
+
logger.warning(f"π HF Session data: {session_data}")
|
| 136 |
+
|
| 137 |
+
# Check request headers that might affect session
|
| 138 |
+
relevant_headers = {
|
| 139 |
+
'host': request.headers.get('host'),
|
| 140 |
+
'x-forwarded-for': request.headers.get('x-forwarded-for'),
|
| 141 |
+
'x-forwarded-proto': request.headers.get('x-forwarded-proto'),
|
| 142 |
+
'user-agent': request.headers.get('user-agent', '')[:50] + '...',
|
| 143 |
+
}
|
| 144 |
+
logger.warning(f"π HF Request headers: {relevant_headers}")
|
| 145 |
+
else:
|
| 146 |
+
logger.debug(f"π Full session contents: {dict(request.session) if hasattr(request.session, 'keys') else 'no session'}")
|
| 147 |
+
|
| 148 |
return None
|
| 149 |
except Exception as e:
|
| 150 |
logger.error(f"Session access failed: {e}")
|
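Review bot: The added `logger.warning(f"… HF Session data: {session_data}")` writes the whole session dict to the production log on every request that has no user, so anything the session holds at that point (OAuth state, tokens, partial profile data) ends up in the Space logs. The key list already logged just above through `session_keys` is enough to tell whether the middleware populated the session; I would drop the value dump, or keep it at debug level behind an explicit flag, e.g. `logger.debug("HF session keys: %s", session_keys)`. The headers dict also records `x-forwarded-for` and part of `user-agent` at warning level, which puts client IPs into logs by default; that deserves a comment stating it is temporary diagnostics and a follow-up to remove it. The enclosing `get_current_user_optional` starts and ends outside the hunk.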