Spaces:
Running
on
CPU Upgrade
Running
on
CPU Upgrade
Commit
·
e64875c
1
Parent(s):
ca62031
fix cookie
Browse files
app.py
CHANGED
|
@@ -188,12 +188,13 @@ async def auth_login(request: Request, state: Optional[str] = None):
|
|
| 188 |
response = RedirectResponse(url=auth_url, status_code=302)
|
| 189 |
|
| 190 |
# Store state in cookie for validation in callback
|
|
|
|
| 191 |
if not state: # Only set cookie if state wasn't provided
|
| 192 |
response.set_cookie(
|
| 193 |
key="hf_oauth_state",
|
| 194 |
value=oauth_state,
|
| 195 |
httponly=True,
|
| 196 |
-
samesite="
|
| 197 |
secure=True,
|
| 198 |
max_age=300, # 5 minutes
|
| 199 |
path="/"
|
|
|
|
| 188 |
response = RedirectResponse(url=auth_url, status_code=302)
|
| 189 |
|
| 190 |
# Store state in cookie for validation in callback
|
| 191 |
+
# Note: samesite="none" is required for iframe/cross-site contexts
|
| 192 |
if not state: # Only set cookie if state wasn't provided
|
| 193 |
response.set_cookie(
|
| 194 |
key="hf_oauth_state",
|
| 195 |
value=oauth_state,
|
| 196 |
httponly=True,
|
| 197 |
+
samesite="none", # Required for iframe/third-party context
|
| 198 |
secure=True,
|
| 199 |
max_age=300, # 5 minutes
|
| 200 |
path="/"
|