Skip to content

Commit bd2922b

Browse files
vimallocvimalloc
authored
Merge pull request #38 from frnsys/master
Add support for specifying cookie domain with JWT_COOKIE_DOMAIN
2 parents a69ecff + 3565fc1 commit bd2922b

File tree

3 files changed

+14
-1
lines changed

3 files changed

+14
-1
lines changed

flask_jwt_extended/config.py

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ class _Config(object):
1010
Helper object for accessing and verifying options in this extension. This
1111
is meant for internal use of the application; modifying config options
1212
should be done with flasks ```app.config```.
13-
13+
1414
Default values for the configuration options are set in the jwt_manager
1515
object. All of these values are read only.
1616
"""
@@ -65,6 +65,10 @@ def refresh_cookie_path(self):
6565
def cookie_secure(self):
6666
return current_app.config['JWT_COOKIE_SECURE']
6767

68+
@property
69+
def cookie_domain(self):
70+
return current_app.config['JWT_COOKIE_DOMAIN']
71+
6872
@property
6973
def session_cookie(self):
7074
return current_app.config['JWT_SESSION_COOKIE']

flask_jwt_extended/jwt_manager.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,7 @@ def _set_default_configuration_options(app):
119119
app.config.setdefault('JWT_ACCESS_COOKIE_PATH', '/')
120120
app.config.setdefault('JWT_REFRESH_COOKIE_PATH', '/')
121121
app.config.setdefault('JWT_COOKIE_SECURE', False)
122+
app.config.setdefault('JWT_COOKIE_DOMAIN', None)
122123
app.config.setdefault('JWT_SESSION_COOKIE', True)
123124

124125
# Options for using double submit csrf protection

flask_jwt_extended/utils.py

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,7 @@ def set_access_cookies(response, encoded_access_token):
7070
max_age=config.cookie_max_age,
7171
secure=config.cookie_secure,
7272
httponly=True,
73+
domain=config.cookie_domain,
7374
path=config.access_cookie_path)
7475

7576
# If enabled, set the csrf double submit access cookie
@@ -79,6 +80,7 @@ def set_access_cookies(response, encoded_access_token):
7980
max_age=config.cookie_max_age,
8081
secure=config.cookie_secure,
8182
httponly=False,
83+
domain=config.cookie_domain,
8284
path=config.access_csrf_cookie_path)
8385

8486

@@ -97,6 +99,7 @@ def set_refresh_cookies(response, encoded_refresh_token):
9799
max_age=config.cookie_max_age,
98100
secure=config.cookie_secure,
99101
httponly=True,
102+
domain=config.cookie_domain,
100103
path=config.refresh_cookie_path)
101104

102105
# If enabled, set the csrf double submit refresh cookie
@@ -106,6 +109,7 @@ def set_refresh_cookies(response, encoded_refresh_token):
106109
max_age=config.cookie_max_age,
107110
secure=config.cookie_secure,
108111
httponly=False,
112+
domain=config.cookie_domain,
109113
path=config.refresh_csrf_cookie_path)
110114

111115

@@ -124,12 +128,14 @@ def unset_jwt_cookies(response):
124128
expires=0,
125129
secure=config.cookie_secure,
126130
httponly=True,
131+
domain=config.cookie_domain,
127132
path=config.refresh_cookie_path)
128133
response.set_cookie(config.access_cookie_name,
129134
value='',
130135
expires=0,
131136
secure=config.cookie_secure,
132137
httponly=True,
138+
domain=config.cookie_domain,
133139
path=config.access_cookie_path)
134140

135141
if config.csrf_protect and config.csrf_in_cookies:
@@ -138,10 +144,12 @@ def unset_jwt_cookies(response):
138144
expires=0,
139145
secure=config.cookie_secure,
140146
httponly=False,
147+
domain=config.cookie_domain,
141148
path=config.refresh_csrf_cookie_path)
142149
response.set_cookie(config.access_csrf_cookie_name,
143150
value='',
144151
expires=0,
145152
secure=config.cookie_secure,
146153
httponly=False,
154+
domain=config.cookie_domain,
147155
path=config.access_csrf_cookie_path)

0 commit comments

Comments
 (0)