Revert "messy logout fixing"

This reverts commit 4fb3a144d7.
This commit is contained in:
alorig
2025-12-15 17:24:07 +05:00
parent 4fb3a144d7
commit 25f1c32366
27 changed files with 95 additions and 4396 deletions


@@ -96,34 +96,12 @@ CSRF_COOKIE_SECURE = USE_SECURE_COOKIES
# CRITICAL: Session isolation to prevent contamination
SESSION_COOKIE_NAME = 'igny8_sessionid' # Custom name to avoid conflicts
SESSION_COOKIE_HTTPONLY = True # Prevent JavaScript access
SESSION_COOKIE_SAMESITE = 'Lax' # Changed from Strict - allows external redirects
SESSION_COOKIE_AGE = 1209600 # 14 days (2 weeks)
SESSION_SAVE_EVERY_REQUEST = True # Enable sliding window - extends session on activity
SESSION_COOKIE_SAMESITE = 'Strict' # Prevent cross-site cookie sharing
SESSION_COOKIE_AGE = 86400 # 24 hours
SESSION_SAVE_EVERY_REQUEST = False # Don't update session on every request (reduces DB load)
SESSION_COOKIE_PATH = '/' # Explicit path
# Don't set SESSION_COOKIE_DOMAIN - let it default to current domain for strict isolation
# CRITICAL: Use Redis for session storage (not database)
# Provides better performance and automatic expiry
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'default'
# Configure Redis cache for sessions
CACHES = {
'default': {
'BACKEND': 'django_redis.cache.RedisCache',
'LOCATION': f"redis://{os.getenv('REDIS_HOST', 'redis')}:{os.getenv('REDIS_PORT', '6379')}/1",
'OPTIONS': {
'CLIENT_CLASS': 'django_redis.client.DefaultClient',
'SOCKET_CONNECT_TIMEOUT': 5,
'SOCKET_TIMEOUT': 5,
'CONNECTION_POOL_KWARGS': {
'max_connections': 50,
'retry_on_timeout': True
}
}
}
}
# CRITICAL: Custom authentication backend to disable user caching
AUTHENTICATION_BACKENDS = [
'igny8_core.auth.backends.NoCacheModelBackend', # Custom backend without caching
@@ -542,7 +520,7 @@ CORS_EXPOSE_HEADERS = [
# JWT Configuration
JWT_SECRET_KEY = os.getenv('JWT_SECRET_KEY', SECRET_KEY)
JWT_ALGORITHM = 'HS256'
JWT_ACCESS_TOKEN_EXPIRY = timedelta(hours=1) # Increased from 15min to 1 hour
JWT_ACCESS_TOKEN_EXPIRY = timedelta(minutes=15)
JWT_REFRESH_TOKEN_EXPIRY = timedelta(days=30) # Extended to 30 days for persistent login
# Celery Configuration
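Review bot: The restored `SESSION_COOKIE_SAMESITE = 'Strict'` line (reading the revert as putting back the Strict / 86400 / False trio and dropping the 'Lax' / 1209600 / True lines) reintroduces exactly the behaviour the dropped comment on the 'Lax' line named: the session cookie is not attached to top-level navigations arriving from another site, so a user coming back through an external redirect (payment provider, OAuth callback, emailed link) lands logged out, which is plausibly what the reverted "logout fixing" was chasing. Since the revert keeps Strict deliberately, record the trade-off where the next reader will look: `SESSION_COOKIE_SAMESITE = 'Strict'  # Deliberate: cookie is not sent on cross-site top-level navigations, so arrivals via external redirects must re-authenticate`. Separately, removing `SESSION_ENGINE`, `SESSION_CACHE_ALIAS` and the whole `CACHES` dict sends sessions back to Django's default backend and, unless `CACHES` is defined elsewhere in this settings module (not visible in the hunk), leaves the default cache as the per-process local-memory backend, so anything that assumes a shared cache (request throttling, rate limits, token blocklists) would no longer be enforced consistently across workers. Worth confirming that a `CACHES` definition survives the revert before merging, and the restored 15-minute `JWT_ACCESS_TOKEN_EXPIRY` in the second hunk reads as the safer value and needs no change. The settings module continues outside both hunks.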