fix: configure secure session cookies and dynamic domain for frontend URL

2025-01-13 17:52:25 -05:00
parent a010afcc43
commit 062111d7fe
1 changed files with 8 additions and 0 deletions
--- a/backend/server/main/settings.py
+++ b/backend/server/main/settings.py
@@ -128,6 +128,14 @@ USE_L10N = True
 USE_TZ = True

 SESSION_COOKIE_SAMESITE = None
+SESSION_COOKIE_SECURE = getenv('FRONTEND_URL', 'http://localhost:3000').startswith('https://')
+from urllib.parse import urlparse
+
+frontend_url = getenv('FRONTEND_URL', 'http://localhost:3000')
+parsed_url = urlparse(frontend_url)
+domain_parts = parsed_url.hostname.split('.')
+SESSION_COOKIE_DOMAIN = '.' + '.'.join(domain_parts[-2:]) if len(domain_parts) > 1 else parsed_url.hostname
+print(SESSION_COOKIE_DOMAIN)

 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/1.7/howto/static-files/