Fix logout cookie deletion: remove unsupported max_age parameter

2025-11-23 02:28:26 +08:00 · 2025-11-23 02:28:26 +08:00 · 34ec42d134
commit 34ec42d134
parent d599021dd5
1 changed files with 7 additions and 3 deletions
--- a/apps/jingrow/jingrow/api/auth_api.py
+++ b/apps/jingrow/jingrow/api/auth_api.py
@ -78,9 +78,13 @@ def create_response_clear_cookies(data: dict) -> JSONResponse:
    """创建响应并清除所有相关cookie"""
    response = JSONResponse(content=data)
    for cookie_name in COOKIES_TO_CLEAR:
-        cookie_kwargs = COOKIE_CONFIG.copy()
-        if cookie_name == "sid":
-            cookie_kwargs.pop("secure", None)
+        cookie_kwargs = {
+            "path": COOKIE_CONFIG.get("path", "/"),
+            "samesite": COOKIE_CONFIG.get("samesite", "lax"),
+            "httponly": COOKIE_CONFIG.get("httponly", True)
+        }
+        if COOKIE_CONFIG.get("secure"):
+            cookie_kwargs["secure"] = True
        response.delete_cookie(key=cookie_name, **cookie_kwargs)
    return response