Cut over OIDC redirect to speech.du5t.xyz
NPM proxy host + Let's Encrypt cert for speech.du5t.xyz are live, so flip the session cookie to https_only=True (the redirect_uri and Authentik provider config changes live outside this repo, in /srv/asr/env/asr.env and the Authentik provider record). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -21,7 +21,7 @@ app.add_middleware(
|
||||
SessionMiddleware,
|
||||
secret_key=SESSION_SECRET_KEY,
|
||||
same_site="lax",
|
||||
https_only=False, # 아직 전용 도메인/TLS가 없어 내부 IP:포트(http)로 접근하기 때문
|
||||
https_only=True, # speech.du5t.xyz는 NPM에서 TLS 종료 후 내부로 포워딩됨
|
||||
max_age=14 * 24 * 3600,
|
||||
)
|
||||
app.add_middleware(
|
||||
|
||||
Reference in New Issue
Block a user