- logging improvement and simplification (no more graylog)

- Traicie Selection Specialist Round Trip - Session improvements + debugging enabled - Tone of Voice & Langauge Level definitions introduced
2025-06-20 07:58:06 +02:00
parent babcd6ec04
commit 5b2c04501c
29 changed files with 916 additions and 167 deletions
--- a/config/config.py
+++ b/config/config.py
@@ -12,10 +12,7 @@ class Config(object):
    DEBUG = False
    DEVELOPMENT = False
    SECRET_KEY = environ.get('SECRET_KEY')
-    SESSION_COOKIE_SECURE = False
-    SESSION_COOKIE_HTTPONLY = True
    COMPONENT_NAME = environ.get('COMPONENT_NAME')
-    SESSION_KEY_PREFIX = f'{COMPONENT_NAME}_'

    # Database Settings
    DB_HOST = environ.get('DB_HOST')
@@ -44,8 +41,6 @@ class Config(object):
    # SECURITY_POST_CHANGE_VIEW = '/admin/login'
    # SECURITY_BLUEPRINT_NAME = 'security_bp'
    SECURITY_PASSWORD_SALT = environ.get('SECURITY_PASSWORD_SALT')
-    REMEMBER_COOKIE_SAMESITE = 'strict'
-    SESSION_COOKIE_SAMESITE = 'Lax'
    SECURITY_CONFIRMABLE = True
    SECURITY_TRACKABLE = True
    SECURITY_PASSWORD_COMPLEXITY_CHECKER = 'zxcvbn'
@@ -56,6 +51,10 @@ class Config(object):
    SECURITY_EMAIL_SUBJECT_PASSWORD_NOTICE = 'Your Password Has Been Reset'
    SECURITY_EMAIL_PLAINTEXT = False
    SECURITY_EMAIL_HTML = True
+    SECURITY_SESSION_PROTECTION = 'basic'  # of 'basic' als 'strong' problemen geeft
+    SECURITY_REMEMBER_TOKEN_VALIDITY = timedelta(minutes=60)  # Zelfde als session lifetime
+    SECURITY_AUTO_LOGIN_AFTER_CONFIRM = True
+    SECURITY_AUTO_LOGIN_AFTER_RESET = True

    # Ensure Flask-Security-Too is handling CSRF tokens when behind a proxy
    SECURITY_CSRF_PROTECT_MECHANISMS = ['session']
@@ -189,6 +188,15 @@ class Config(object):
    PERMANENT_SESSION_LIFETIME = timedelta(minutes=60)
    SESSION_REFRESH_EACH_REQUEST = True

+    SESSION_COOKIE_NAME = f'{COMPONENT_NAME}_session'
+    SESSION_COOKIE_DOMAIN = None  # Laat Flask dit automatisch bepalen
+    SESSION_COOKIE_PATH = '/'
+    SESSION_COOKIE_HTTPONLY = True
+    SESSION_COOKIE_SECURE = False  # True voor production met HTTPS
+    SESSION_COOKIE_SAMESITE = 'Lax'
+    REMEMBER_COOKIE_SAMESITE = 'strict'
+    SESSION_KEY_PREFIX = f'{COMPONENT_NAME}_'
+
    # JWT settings
    JWT_SECRET_KEY = environ.get('JWT_SECRET_KEY')
    JWT_ACCESS_TOKEN_EXPIRES = timedelta(hours=1)  # Set token expiry to 1 hour