github/plexpy
1
0
Fork 0
mirror of https://github.com/Tautulli/Tautulli.git synced 2025-08-14 02:26:58 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Expire the previous JWT on update if HTTP root is set

Browse source 
* Required for Tautulli/Tautulli-Issues#255
This commit is contained in:
JonnyWong16 2020-06-24 14:04:07 -07:00
commit 48f846da40
No known key found for this signature in database
GPG key ID: B1F1F9807184697A
3 changed files with 13 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
plexpy/config.py
View file

@ -943,4 +943,10 @@ class Config(object):
if plexpy.DOCKER:
self.PLEXPY_AUTO_UPDATE = 0
self.CONFIG_VERSION == 15
self.CONFIG_VERSION = 15
if self.CONFIG_VERSION == 15:
if self.HTTP_ROOT and self.HTTP_ROOT != '/':
self.JWT_UPDATE_SECRET = True
self.CONFIG_VERSION = 16

6
plexpy/webauth.py
View file

@ -296,10 +296,14 @@ class AuthController(object):
self.on_logout(payload['user'], payload['user_group'])
jwt_cookie = str(JWT_COOKIE_NAME + plexpy.CONFIG.PMS_UUID)
cherrypy.response.cookie[jwt_cookie] = 'expire'
cherrypy.response.cookie[jwt_cookie] = ''
cherrypy.response.cookie[jwt_cookie]['expires'] = 0
cherrypy.response.cookie[jwt_cookie]['path'] = plexpy.HTTP_ROOT.rstrip('/') or '/'
if plexpy.HTTP_ROOT != '/':
# Aslo expire the JWT on the root path
cherrypy.response.headers['Set-Cookie'] = jwt_cookie + '=""; expires=Thu, 01 Jan 1970 12:00:00 GMT; path=/'
cherrypy.request.login = None
if redirect_uri: