Flask - User logged out when switching to www.*

Question

I'm encountering a strange behavior, and I'm not really sure if it is framework-related or not.

Anyway, for my Flask project I'm using flask-login to manage user authentication.

I noticed that when I'm logging in from domain.com and then I'm switching to www.domain.com, the user appears to be logged out.

If I'm switching back to domain.com the user appears to be logged in (as expected).

This behavior doesn't go both ways, which means that logging in on www.domain.com will keep me logged in on domain.com too.

I'm not sure if it's an issue with flask-login and how it sets the session cookies or if it's related with how cookies work and so on.

Maybe you could help me out on this one :)

score 0 · Answer 1 · edited May 23 '17 at 10:30

0

I believe you have to set the domain on the cookie to be .domain.com instead of domain.com for the cookie to be available to all subdomains. See this StackOverflow Question for more details!

edited May 23 '17 at 10:30

Community

1
1

answered Dec 28 '16 at 21:39

Christopher Shroba

4,921
3
28
56

score 0 · Answer 2 · answered Dec 29 '16 at 03:29

0

You need to include the following line to your config file. http://flask.pocoo.org/docs/0.12/config/

SESSION_COOKIE_DOMAIN = '.domain.com'

answered Dec 29 '16 at 03:29

Alex Seifi

72
6

Flask - User logged out when switching to www.*

2 Answers2