decydowanie o zyciu cookie

app.py

@@ -34,6 +34,7 @@ DEFAULT_ADMIN_PASSWORD = app.config.get('DEFAULT_ADMIN_PASSWORD', 'admin123')
 UPLOAD_FOLDER = app.config.get('UPLOAD_FOLDER', 'uploads')
 ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif', 'webp'}
 AUTHORIZED_COOKIE_VALUE = app.config.get('AUTHORIZED_COOKIE_VALUE', '80d31cdfe63539c9')
+AUTH_COOKIE_MAX_AGE = app.config.get('AUTH_COOKIE_MAX_AGE', 86400)
 
 os.makedirs(UPLOAD_FOLDER, exist_ok=True)
 
@@ -250,14 +251,10 @@ def inject_time():
 def inject_has_authorized_cookie():
     return {'has_authorized_cookie': 'authorized' in request.cookies}
 
-""" @app.before_request
+@app.before_request
 def require_system_password():
     if request.endpoint is None:
         return
- 
-    if request.endpoint in ['forbidden', 'not_found', 'internal_error', 'system_auth']:
-        return
-    
     if 'authorized' not in request.cookies \
        and request.endpoint != 'system_auth' \
        and not request.endpoint.startswith('login') \
@@ -281,39 +278,7 @@ def require_system_password():
             from urllib.parse import urlparse, urlunparse
             parsed = urlparse(request.url)
             fixed_url = urlunparse(parsed._replace(netloc=request.host))
-            return redirect(url_for('system_auth', next=fixed_url)) """
-
-@app.before_request
-def require_system_password():
-    if request.endpoint is None:
-        return
-
-    if request.endpoint in ['forbidden', 'not_found', 'internal_error', 'system_auth']:
-        return
-
-    if 'authorized' not in request.cookies \
-       and request.endpoint != 'system_auth' \
-       and not request.endpoint.startswith('login') \
-       and request.endpoint != 'favicon':
-
-        if request.endpoint == 'static_bp.serve_js':
-            requested_file = request.view_args.get("filename", "")
-            if requested_file == "toasts.js":
-                return
-            if requested_file.endswith(".js"):
-                abort(403)  # dla JS lepiej pokazać błąd, nie auth
-            else:
-                return
-
-        if request.endpoint.startswith('static_bp.'):
-            return
-
-        # Dla głównej strony i innych stron HTML – przekierowanie na auth
-        if request.path == '/':
-            return redirect(url_for('system_auth'))
-        else:
-            return redirect(url_for('system_auth', next=request.url))
-
+            return redirect(url_for('system_auth', next=fixed_url))
 
 @app.template_filter('filemtime')
 def file_mtime_filter(path):
@@ -353,15 +318,6 @@ def forbidden(e):
         message="Nie masz uprawnień do wyświetlenia tej strony."
     ), 403
 
-@app.errorhandler(500)
-def internal_error(e):
-    return render_template(
-        'errors.html',
-        code=500,
-        title="Błąd serwera",
-        message="Wystąpił nieoczekiwany błąd. Spróbuj ponownie później."
-    ), 500
-
 @app.route('/favicon.ico')
 def favicon_ico():
     return redirect(url_for('static', filename='favicon.svg'))
@@ -406,6 +362,9 @@ def main_page():
 
     return render_template("main.html", user_lists=user_lists, public_lists=public_lists, archived_lists=archived_lists)
 
+from flask import request, redirect, url_for, flash, render_template, make_response
+# ... inne importy ...
+
 @app.route('/system-auth', methods=['GET', 'POST'])
 def system_auth():
     if current_user.is_authenticated or request.cookies.get('authorized') == AUTHORIZED_COOKIE_VALUE:
@@ -423,7 +382,8 @@ def system_auth():
         if request.form['password'] == SYSTEM_PASSWORD:
             reset_failed_attempts(ip)
             resp = redirect(next_page)
-            resp.set_cookie('authorized', AUTHORIZED_COOKIE_VALUE)
+            max_age = app.config.get('AUTH_COOKIE_MAX_AGE', 86400)
+            resp.set_cookie('authorized', AUTHORIZED_COOKIE_VALUE, max_age=max_age)
             return resp
         else:
             register_failed_attempt(ip)