auth: Correctly set session expiry time in cookies

author Michael Tremer <michael.tremer@ipfire.org>

Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)

committer Michael Tremer <michael.tremer@ipfire.org>

Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)
author Michael Tremer <michael.tremer@ipfire.org>
Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)
committer Michael Tremer <michael.tremer@ipfire.org>
Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)
diff --git a/src/web/auth.py b/src/web/auth.py

index 1d4c5fea29372138adca95014ca96a5fb1690d0c..3617f6d8d840bdce86c3fef2cd365a7c7691754c 100644 (file)
--- a/src/web/auth.py
+++ b/src/web/auth.py
@@ -37,7 +37,8 @@ class LoginHandler(base.KerberosAuthMixin, base.BaseHandler):
                                 self.current_address, user_agent=self.user_agent)
  
                 # Send the session cookie to the browser
-               self.set_cookie("session_id", session.session_id, secure=True, expires=session.valid_until)
+               self.set_cookie("session_id", session.session_id,
+                       secure=True, expires=session.expires_at)
  
                 # If there is "next" given, we redirect the user accordingly
                 next = self.get_argument("next", None)
author	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 26 Jan 2025 10:57:11 +0000 (10:57 +0000)