Spaces:
Sleeping
Sleeping
Fix session persistence behind HF Spaces reverse proxy
Browse filesLogin was succeeding but session cookie wasn't persisting — Flask
didn't know it was behind an HTTPS proxy. ProxyFix + explicit
SameSite=Lax fixes the redirect loop after login.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
app.py
CHANGED
|
@@ -222,6 +222,12 @@ from flask_login import login_required, current_user
|
|
| 222 |
app = Flask(__name__)
|
| 223 |
app.secret_key = os.environ.get("SECRET_KEY", "rf-secret-key-2026")
|
| 224 |
app.config["MAX_CONTENT_LENGTH"] = 128 * 1024 * 1024
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 225 |
|
| 226 |
# Configurazione Logging Aggressiva (Anti-Noise)
|
| 227 |
logging.basicConfig(
|
|
|
|
| 222 |
app = Flask(__name__)
|
| 223 |
app.secret_key = os.environ.get("SECRET_KEY", "rf-secret-key-2026")
|
| 224 |
app.config["MAX_CONTENT_LENGTH"] = 128 * 1024 * 1024
|
| 225 |
+
app.config["SESSION_COOKIE_SAMESITE"] = "Lax"
|
| 226 |
+
app.config["SESSION_COOKIE_SECURE"] = False # HF Spaces: HTTP interno, HTTPS esterno via proxy
|
| 227 |
+
|
| 228 |
+
# ProxyFix: HF Spaces usa reverse proxy — senza questo le sessioni non persistono
|
| 229 |
+
from werkzeug.middleware.proxy_fix import ProxyFix
|
| 230 |
+
app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)
|
| 231 |
|
| 232 |
# Configurazione Logging Aggressiva (Anti-Noise)
|
| 233 |
logging.basicConfig(
|