Implement session cookie isolation between Django apps
- Added configurable SESSION_COOKIE_NAME and CSRF_COOKIE_NAME to Django settings - Main app now uses 'stiftung_sessionid' instead of default 'sessionid' - Paperless continues using default 'sessionid' for separation - All configuration centralized in .env files as requested - Updated both development and production compose configurations - Added session settings to env templates for easy deployment This resolves the session conflict where logging into one app would kick out sessions from the other app. Both applications now maintain independent login sessions.
This commit is contained in:
Stiftung Development
18
paperless/paperless_custom_settings.py
Normal file
18
paperless/paperless_custom_settings.py
Normal file
@@ -0,0 +1,18 @@
|
||||
# Paperless NGX session isolation configuration
|
||||
# This file overrides default session settings to prevent conflicts with other Django apps
|
||||
|
||||
import os
|
||||
from paperless.settings import *
|
||||
|
||||
# Override session cookie name to prevent conflicts with main Django app
|
||||
SESSION_COOKIE_NAME = 'paperless_sessionid'
|
||||
|
||||
# Also change CSRF cookie name for good measure
|
||||
CSRF_COOKIE_NAME = 'paperless_csrftoken'
|
||||
|
||||
# Ensure cookies are scoped to avoid conflicts
|
||||
SESSION_COOKIE_PATH = '/'
|
||||
CSRF_COOKIE_PATH = '/'
|
||||
|
||||
# Different secret key salt to ensure session isolation
|
||||
SESSION_COOKIE_SALT = 'paperless.sessions'
|
||||
Reference in New Issue
Block a user