middlware-fix

2025-06-28 13:56:05 +03:00
parent c48f5f9368
commit 52bf78320b
5 changed files with 120 additions and 94 deletions
--- a/settings.py
+++ b/settings.py
@@ -63,7 +63,7 @@ JWT_REFRESH_TOKEN_EXPIRE_DAYS = 30

 # Настройки для HTTP cookies (используется в auth middleware)
 SESSION_COOKIE_NAME = "auth_token"
-SESSION_COOKIE_SECURE = False
+SESSION_COOKIE_SECURE = True  # Включаем для HTTPS
 SESSION_COOKIE_HTTPONLY = True
 SESSION_COOKIE_SAMESITE: Literal["lax", "strict", "none"] = "lax"
 SESSION_COOKIE_MAX_AGE = 30 * 24 * 60 * 60  # 30 дней