Align language cookie with session lifetime

2025-08-08 16:48:16 -06:00 · 2024-06-30 20:11:19 +02:00 · 2024-06-30 20:11:19 +02:00 · 8577ff126f
commit 8577ff126f
parent 4f937822c2
2 changed files with 7 additions and 9 deletions
--- a/netbox/account/views.py
+++ b/netbox/account/views.py
@ -111,7 +111,7 @@ class LoginView(View):

            # Set the user's preferred language (if any)
            if language := request.user.config.get('locale.language'):
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())

            return response

@ -206,7 +206,7 @@ class UserConfigView(LoginRequiredMixin, View):

            # Set/clear language cookie
            if language := form.cleaned_data['locale.language']:
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())
            else:
                response.delete_cookie(settings.LANGUAGE_COOKIE_NAME)

--- a/netbox/netbox/middleware.py
+++ b/netbox/netbox/middleware.py
@ -43,17 +43,15 @@ class CoreMiddleware:
            login_url = f'{settings.LOGIN_URL}?next={parse.quote(request.get_full_path_info())}'
            return HttpResponseRedirect(login_url)

-        # If language cookie is not set, check if it should be set and redirect to requested page
-        if request.user.is_authenticated and not request.COOKIES.get(settings.LANGUAGE_COOKIE_NAME):
-            if language := request.user.config.get('locale.language'):
-                response = HttpResponseRedirect(request.path)
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
-                return response
-
        # Enable the event_tracking context manager and process the request.
        with event_tracking(request):
            response = self.get_response(request)

+        # Check if language cookie should be renewed
+        if request.user.is_authenticated and settings.SESSION_SAVE_EVERY_REQUEST:
+            if language := request.user.config.get('locale.language'):
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())
+
        # Attach the unique request ID as an HTTP header.
        response['X-Request-ID'] = request.id