Switch refresh token storage from cookies to localStorage

CREDO23 2026-02-05 17:55:21 +02:00
parent f3a9922eb9
commit 233852b681
7 changed files with 160 additions and 88 deletions


@ -23,7 +23,6 @@ from app.db import (
get_default_roles_config,
get_user_db,
)
from app.utils.auth_cookies import set_refresh_token_cookie
from app.utils.refresh_tokens import create_refresh_token
logger = logging.getLogger(__name__)
@ -238,16 +237,11 @@ class CustomBearerTransport(BearerTransport):
redirect_url = (
f"{config.NEXT_FRONTEND_URL}/auth/callback"
f"?token={bearer_response.access_token}"
f"&refresh_token={bearer_response.refresh_token}"
)
response = RedirectResponse(redirect_url, status_code=302)
return RedirectResponse(redirect_url, status_code=302)
else:
response = JSONResponse(bearer_response.model_dump())
# Set refresh token as HTTP-only cookie
if refresh_token:
set_refresh_token_cookie(response, refresh_token)
return response
return JSONResponse(bearer_response.model_dump())
bearer_transport = CustomBearerTransport(tokenUrl="auth/jwt/login")
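Review bot: The redirect URL in the branch that returns `RedirectResponse` now appears to carry the refresh token in the query string (`f"&refresh_token={bearer_response.refresh_token}"`), which puts a long-lived credential into browser history, proxy and server access logs, and potentially the `Referer` header of requests made from the callback page. Passing both tokens in the URL fragment instead, starting with `f"#token={bearer_response.access_token}"`, would keep them out of the HTTP request line; the frontend callback would then read `location.hash` and clear it after storing the values, or the redirect could carry a short-lived one-time code that the frontend exchanges by POST. The value is also interpolated without URL-encoding, so `urllib.parse.quote` would be needed unless the token format is guaranteed URL-safe, which is not visible here. With the HTTP-only cookie path removed, the refresh token becomes readable by any script on the frontend origin, so a comment on this method should state whether refresh tokens are rotated and reuse-detected server-side. The method starts above the hunk, and because the +/- markers are lost on this page, which lines are new is inferred from the commit title.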