secure cookies

author: altaf-creator <dev@altafcreator.com> 2025-12-03 15:52:56 +0700
committer: altaf-creator <dev@altafcreator.com> 2025-12-03 15:52:56 +0700
commit: 761cd8abbdc72836be61d327adb0c31a887d6d0b (patch)
tree: 5ac4a16ef1d396270e26dd6cb1dcf0d1178f3073 /backend/main.py
parent: 2f946c233ee67e149b79c2878efeddbbb0dc1846 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/backend/main.py b/backend/main.py
index c69247f..e7cbd84 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -226,18 +226,18 @@ def final_timer_finished(timer_id):
 
 def create_session(response: fastapi.Response):
     cookie = secrets.token_hex(32)
-    response.set_cookie(key="session_key", value=cookie)
+    response.set_cookie(key="session_key", value=cookie, secure=True)
     return cookie
 
 
 def authenticate_block(response: fastapi.Response, machine_id: str = None, block: int = None):
     if machine_id:
         blk = URI_TO_MACHINES[qr_uri[machine_id]][0]
-        response.set_cookie(key="auth_block", value=blk)
+        response.set_cookie(key="auth_block", value=blk, secure=True)
         return blk
     elif block:
         blk = block
-        response.set_cookie(key="auth_block", value=blk)
+        response.set_cookie(key="auth_block", value=blk, secure=True)
         return block
     else:
         return "FAIL"
author	altaf-creator <dev@altafcreator.com>	2025-12-03 15:52:56 +0700
committer	altaf-creator <dev@altafcreator.com>	2025-12-03 15:52:56 +0700
commit	761cd8abbdc72836be61d327adb0c31a887d6d0b (patch)
tree	5ac4a16ef1d396270e26dd6cb1dcf0d1178f3073 /backend/main.py
parent	2f946c233ee67e149b79c2878efeddbbb0dc1846 (diff)