Skip to content

Commit

Permalink
fixed cookie refresh bug
Browse files Browse the repository at this point in the history 
Issue maxcountryman#824. Before, if a user was logged in with the login_user function when the remember parameter was set to false, their cookies would still be refreshed if the "REMEMBER_COOKIE_REFRESH_EACH_REQUEST" configuration option was set to true. This happens because if the login_user function has the remember parameter be false, it doesn't assign session["_rememeber"] any value. When session["_rememeber"] doesn't have any value and the "REMEMBER_COOKIE_REFRESH_EACH_REQUEST" configuration option is set to true, the _update_remember_cookie function sets the session["_rememeber"] value to "set". This fix makes it so if the login_user function is given false for the remember parameter, instead of leaving session["_remember"] empty, it  sets the value to "unset".
  • Loading branch information
@Arcane-Ryn
Arcane-Ryn committed Aug 10, 2024
1 parent 26d12ea commit 0754f68
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/flask_login/login_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -402,6 +402,8 @@ def _update_remember_cookie(self, response):
self._set_cookie(response)
elif operation == "clear":
self._clear_cookie(response)
elif operation == "unset":
session["_remember"] = "unset"

return response

Expand Down
2 changes: 2 additions & 0 deletions src/flask_login/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,8 @@ def login_user(user, remember=False, duration=None, force=False, fresh=True):
raise Exception(
f"duration must be a datetime.timedelta, instead got: {duration}"
) from e
else:
session["_remember"] = "unset"

current_app.login_manager._update_request_context_with_user(user)
user_logged_in.send(current_app._get_current_object(), user=_get_user())
Expand Down

0 comments on commit 0754f68

Please sign in to comment.