RainerWieland/spawner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Set JWT cookie domain for all subpaths and subdomains

Browse Source 
The spawner_token cookie must be available for all user containers
running under subpaths (e.g., /e220dd278a12-template-dictionary/).

Added domain parameter to set_cookie() to make the JWT available
for all subdomains of BASE_DOMAIN.

This fixes the 401 'no token' error when accessing container APIs.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This commit is contained in:
XPS\Micro 2026-03-19 13:46:25 +01:00
parent 24afef32e4
commit ffc285358c
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api.py
View File

@ -38,6 +38,7 @@ def create_auth_response(access_token, user_data, expires_in):
# HttpOnly verhindert JavaScript-Zugriff # HttpOnly verhindert JavaScript-Zugriff
# Secure: nur über HTTPS # Secure: nur über HTTPS
# SameSite: CSRF-Schutz # SameSite: CSRF-Schutz
# Domain: Verfügbar für alle Subpfade und Subdomains
response.set_cookie( response.set_cookie(
'spawner_token', 'spawner_token',
access_token, access_token,
@ -45,7 +46,8 @@ def create_auth_response(access_token, user_data, expires_in):
httponly=True, httponly=True,
secure=True, # Nur über HTTPS secure=True, # Nur über HTTPS
samesite='Lax', # CSRF-Schutz samesite='Lax', # CSRF-Schutz
path='/' # Für alle Pfade verfügbar path='/', # Für alle Pfade verfügbar
domain=f".{Config.BASE_DOMAIN}" # Für alle Subpfade und Subdomains
) )
return response return response