问题
Two separate Flask applications, running on two different subdomains, however the login sessions are not persisting between the subdomains.
For example; logging into a.example.co.uk will result in the user being logged in. However, visiting b.example.co.uk - the user will not be logged in.
Running Apache, Flask (with Flask-Login), Ubuntu 18, Python 3.
App secret is the same on both applications. Tried playing with SERVER_NAME configuration setting.
Cookies are correctly being set to .example.co.uk
Cookies are configured to be used on any subdomain.
SESSION_COOKIE_NAME="example",
SESSION_COOKIE_DOMAIN=".example.co.uk",
REMEMBER_COOKIE_DOMAIN=".example.co.uk",
Logging into either subdomain should mean the user is logged into the other.
回答1:
Does it remember when you close out and go back into a.example.co.uk? You need to set REMEMBER_COOKIE_SECURE in your config to False or None, can't remember but I had this issue before and that was what solved it. Check out Flask-Login Documentation
回答2:
Managed to solve it!
Turns out I was setting the Flask application secret keys in the wsgi files, like so;
from App import app as application
application.secret_key = 'xxxxxxx'
And both the applications had different secret keys in their wsgi files! Completely forgot I was setting the secret keys in both the wsgi file and the main python file.
Removing setting the secret keys from the wsgi files solved my problem
来源:https://stackoverflow.com/questions/58381669/same-flask-login-session-across-two-applications