Hacker-Software
/
https-proxy-with-self-signed-cert
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix session loss by using stable secret key 

Derive secret_key from credentials instead of random generation,
so sessions survive container restarts and work across workers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Stefan Hacker 2026-04-09 16:10:21 +02:00
parent 6fadb73263
commit e147d4f670
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/app.py
View File

@ -1,6 +1,6 @@
import hashlib
import json import json
import os import os
import secrets
import subprocess import subprocess
from functools import wraps from functools import wraps
from pathlib import Path from pathlib import Path
@ -9,7 +9,12 @@ from flask import (Flask, jsonify, redirect, render_template, request,
send_file, session, url_for) send_file, session, url_for)
app = Flask(__name__) app = Flask(__name__)
app.secret_key = os.environ.get("SECRET_KEY", secrets.token_hex(32))
# Stable secret key: derive from username+password so it survives restarts
# but changes when credentials change
_username = os.environ.get("WEBUI_USERNAME", "admin")
_password = os.environ.get("WEBUI_PASSWORD", "admin123")
app.secret_key = hashlib.sha256(f"{_username}:{_password}:proxy-secret".encode()).hexdigest()
CONFIG_FILE = "/data/proxy_config.json" CONFIG_FILE = "/data/proxy_config.json"
NGINX_CONF_DIR = "/etc/nginx/conf.d" NGINX_CONF_DIR = "/etc/nginx/conf.d"