From 761cd8abbdc72836be61d327adb0c31a887d6d0b Mon Sep 17 00:00:00 2001
From: altaf-creator <dev@altafcreator.com>
Date: Wed, 3 Dec 2025 15:52:56 +0700
Subject: secure cookies

---
 backend/main.py           | 6 +++---
 frontend/timer/index.html | 3 +++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/backend/main.py b/backend/main.py
index c69247f..e7cbd84 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -226,18 +226,18 @@ def final_timer_finished(timer_id):
 
 def create_session(response: fastapi.Response):
     cookie = secrets.token_hex(32)
-    response.set_cookie(key="session_key", value=cookie)
+    response.set_cookie(key="session_key", value=cookie, secure=True)
     return cookie
 
 
 def authenticate_block(response: fastapi.Response, machine_id: str = None, block: int = None):
     if machine_id:
         blk = URI_TO_MACHINES[qr_uri[machine_id]][0]
-        response.set_cookie(key="auth_block", value=blk)
+        response.set_cookie(key="auth_block", value=blk, secure=True)
         return blk
     elif block:
         blk = block
-        response.set_cookie(key="auth_block", value=blk)
+        response.set_cookie(key="auth_block", value=blk, secure=True)
         return block
     else:
         return "FAIL"
diff --git a/frontend/timer/index.html b/frontend/timer/index.html
index f99b881..2d03d70 100644
--- a/frontend/timer/index.html
+++ b/frontend/timer/index.html
@@ -28,6 +28,9 @@
 			<button class="button button-tab bg-3" onclick="window.location.href = '/status/'">Status</button>
 		</div>
 		<div id="timer-container" class="section-container no-pad"></div>
+		<div>
+			<span>Developed by Athaalaa Altaf Hafidz, H1-09-16</span>
+		</div>
 		<script src="/main.js"></script>
 		<script>
 			startLoadTimers();
-- 
cgit v1.2.3