forked from s3lph/matemat
fix: session id shared between all sessions
fix: minor css fixes
This commit is contained in:
parent
67e2a813d5
commit
745843e07d
GPG key ID:
0AA29A52FB33CFB5
5 changed files with 27 additions and 7 deletions
14
CHANGELOG.md
14
CHANGELOG.md
|
|
@ -1,5 +1,19 @@
|
|||
# Matemat Changelog
|
||||
|
||||
<!-- BEGIN RELEASE v0.4.1 -->
|
||||
## Version 0.4.1
|
||||
|
||||
Security Fix & minor UI fixes
|
||||
|
||||
### Changes
|
||||
|
||||
<!-- BEGIN CHANGES 0.4.1 -->
|
||||
- fix: session id shared between all sessions
|
||||
- fix: minor css fixes
|
||||
<!-- END CHANGES 0.4.1 -->
|
||||
|
||||
<!-- END RELEASE v0.4.1 -->
|
||||
|
||||
<!-- BEGIN RELEASE v0.4.0 -->
|
||||
## Version 0.4.0
|
||||
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
|
||||
__version__ = '0.4.0'
|
||||
__version__ = '0.4.1'
|
||||
|
|
|
|||
|
|
@ -20,9 +20,9 @@ def start() -> str:
|
|||
|
||||
:return: The session ID.
|
||||
"""
|
||||
if hasattr(response, 'session_id'):
|
||||
if 'session_id' in request.environ:
|
||||
# A session has already been created while handling the same request
|
||||
return response.session_id
|
||||
return request.environ['session_id']
|
||||
# Reference date for session timeout
|
||||
now = datetime.now(UTC)
|
||||
# Read the client's session ID, if any
|
||||
|
|
@ -46,9 +46,9 @@ def start() -> str:
|
|||
(now + timedelta(seconds=_SESSION_TIMEOUT), __session_vars[session_id][1])
|
||||
# Return the session ID and timeout
|
||||
response.set_cookie(_COOKIE_NAME, session_id, secret=__key)
|
||||
# Piggy-back the session id onto the response object so that we don't create another session
|
||||
# Piggy-back the session id onto the request object so that we don't create another session
|
||||
# in subsequent calls to start() while handling the same request.
|
||||
response.session_id = session_id
|
||||
request.environ['session_id'] = session_id
|
||||
return session_id
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -233,3 +233,9 @@
|
|||
.card-img-overlay span {
|
||||
padding: .5em;
|
||||
}
|
||||
|
||||
.card-header {
|
||||
overflow: hidden;
|
||||
white-space: nowrap;
|
||||
text-overflow: ellipsis;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,10 +8,10 @@
|
|||
<p>
|
||||
Your balance: <strong>{{ authuser.balance|chf }}</strong>
|
||||
</p>
|
||||
<p id="depositlist">
|
||||
<div id="depositlist">
|
||||
<a class="btn btn-primary me-2" href="/deposit?n=100">Deposit CHF 1</a>
|
||||
<a class="btn btn-primary me-2" href="/deposit?n=1000">Deposit CHF 10</a>
|
||||
</p>
|
||||
</div>
|
||||
<div id="deposit-wrapper">
|
||||
<div id="deposit-input">
|
||||
<div id="deposit-output">
|
||||
|
|
|
|||
Loading…
Reference in a new issue