scottk/Mailu
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/Mailu.git synced 2025-11-02 02:57:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change the logic

Browse Source 
The idea here is that if you have set SESSION_COOKIE_SECURE we should
honor that... and if you haven't we should try to do the right thing.
This commit is contained in:
Florent Daigniere
2022-11-15 10:47:20 +01:00
parent 76f8517e00
commit 66de1dcec8
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/admin/mailu/configuration.py
View File

@@ -73,7 +73,7 @@ DEFAULT_CONFIG = {
'SESSION_KEY_BITS': 128,
'SESSION_TIMEOUT': 3600,
'PERMANENT_SESSION_LIFETIME': 30*24*3600,
'SESSION_COOKIE_SECURE': True,
'SESSION_COOKIE_SECURE': False,
'CREDENTIAL_ROUNDS': 12,
'TLS_PERMISSIVE': True,
'TZ': 'Etc/UTC',
@@ -156,6 +156,8 @@ class ConfigManager:
self.config['SESSION_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/3'
self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'
self.config['SESSION_COOKIE_HTTPONLY'] = True
if self.config['TLS_FLAVOR'] != 'notls' and not self.config['SESSION_COOKIE_SECURE']:
self.config['SESSION_COOKIE_SECURE'] = True
self.config['SESSION_PERMANENT'] = True
self.config['SESSION_TIMEOUT'] = int(self.config['SESSION_TIMEOUT'])
self.config['PERMANENT_SESSION_LIFETIME'] = int(self.config['PERMANENT_SESSION_LIFETIME'])