diff --git a/src/pyramid_jwt/__init__.py b/src/pyramid_jwt/__init__.py
index c0b633f..5c4792d 100644
--- a/src/pyramid_jwt/__init__.py
+++ b/src/pyramid_jwt/__init__.py
@@ -93,14 +93,15 @@ def set_jwt_cookie_authentication_policy(
 json_encoder=None,
 audience=None,
 cookie_name=None,
- https_only=True,
+ https_only=None,
 reissue_time=None,
 cookie_path=None,
 ):
 settings = config.get_settings()
 cookie_name = cookie_name or settings.get("jwt.cookie_name")
 cookie_path = cookie_path or settings.get("jwt.cookie_path")
- reissue_time = reissue_time or settings.get("jwt.cookie_reissue_time")
+ if reissue_time is None and "jwt.cookie_reissue_time" in settings:
+ reissue_time = int(settings.get("jwt.cookie_reissue_time"))
 if https_only is None:
 https_only = settings.get("jwt.https_only_cookie", True)
diff --git a/src/pyramid_jwt/policy.py b/src/pyramid_jwt/policy.py
index 214d586..1d09bb5 100644
--- a/src/pyramid_jwt/policy.py
+++ b/src/pyramid_jwt/policy.py
@@ -6,6 +6,7 @@
 import jwt
 from pyramid.renderers import JSON
+from pyramid.settings import asbool
 from webob.cookies import CookieProfile
 from zope.interface import implementer
 from pyramid.authentication import CallbackAuthenticationPolicy
@@ -187,7 +188,7 @@ def __init__(
 audience,
 )
- self.https_only = https_only
+ self.https_only = asbool(https_only)
 self.cookie_name = cookie_name or "Authorization"
 self.max_age = self.expiration and self.expiration.total_seconds()
@@ -246,9 +247,12 @@ def remember(self, request, principal, **kw):
 return self._get_cookies(request, token, self.max_age, domains=domains)
- def forget(self, request):
+ def forget(self, request, **kw):
 request._jwt_cookie_reissue_revoked = True
- return self._get_cookies(request, None)
+
+ domains = kw.get("domains")
+
+ return self._get_cookies(request, None, domains=domains)
 def get_claims(self, request):
 profile = self.cookie_profile.bind(request)
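Review bot: The new `int(settings.get("jwt.cookie_reissue_time"))` conversion in set_jwt_cookie_authentication_policy accepts negative values, and an empty or non-numeric setting fails with a bare ValueError that never names the offending key. How the policy treats a negative reissue time is not visible in this hunk, so it is safer to reject it inside the new `if` branch, e.g. `if reissue_time < 0: raise ValueError("jwt.cookie_reissue_time must not be negative")`. The signature change also gives `https_only=None` the meaning "read jwt.https_only_cookie from settings, defaulting to True", which deserves a sentence in the function's docstring. The function body continues outside the hunk.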
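Review bot: `self.https_only = asbool(https_only)` in `__init__` fails open, because Pyramid's asbool returns False for None and for any string outside its truthy set. A misspelled or empty `jwt.https_only_cookie` value, or a caller passing `https_only=None` straight to this constructor, therefore switches the flag off without any error. Assuming the flag controls the Secure attribute of the JWT cookie (the cookie profile setup is outside this hunk), the token would then also travel over plain HTTP. Keep the safe default with `self.https_only = True if https_only is None else asbool(https_only)`, and consider raising on strings that are neither a recognised true nor false value. `__init__` begins and ends outside the hunk.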
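Review bot: The new `forget(self, request, **kw)` reads only `kw.get("domains")` and silently discards every other keyword, so a typo such as `domain=` leaves the caller believing the cookie was cleared for that domain. A browser only drops a cookie when the expiring Set-Cookie matches the Domain it was set with, so forget() must receive the same `domains` that remember() was given, otherwise the JWT cookie survives logout on those domains. That contract should be stated in a docstring, for example `"""Expire the JWT cookie; pass the same domains= used in remember()."""`. How `_get_cookies` applies `domains` is not visible in this hunk.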