From 6f8b3fd57feebbbf987a02605fd842f9324ff646 Mon Sep 17 00:00:00 2001
From: selfhoster1312 <selfhoster1312@kl.netlib.re>
Date: Sun, 13 Aug 2023 23:11:31 +0200
Subject: [PATCH] Handle both cookies in the same way (please let me logout)

---
 src/authenticators/ldap_admin.py   | 4 ++--
 src/authenticators/ldap_ynhuser.py | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/authenticators/ldap_admin.py b/src/authenticators/ldap_admin.py
index b1b550bc0..155e84127 100644
--- a/src/authenticators/ldap_admin.py
+++ b/src/authenticators/ldap_admin.py
@@ -138,6 +138,7 @@ class Authenticator(BaseAuthenticator):
             secure=True,
             secret=session_secret,
             httponly=True,
+            path="/"
             # samesite="strict", # Bottle 0.12 doesn't support samesite, to be added in next versions
         )
 
@@ -172,5 +173,4 @@ class Authenticator(BaseAuthenticator):
     def delete_session_cookie(self):
         from bottle import response
 
-        response.set_cookie("yunohost.admin", "", max_age=-1)
-        response.delete_cookie("yunohost.admin")
+        response.delete_cookie("yunohost.admin", path="/")
diff --git a/src/authenticators/ldap_ynhuser.py b/src/authenticators/ldap_ynhuser.py
index 9702693ed..08138f1b5 100644
--- a/src/authenticators/ldap_ynhuser.py
+++ b/src/authenticators/ldap_ynhuser.py
@@ -172,5 +172,4 @@ class Authenticator(BaseAuthenticator):
 
         from bottle import response
 
-        response.set_cookie("yunohost.portal", "")
-        response.delete_cookie("yunohost.portal")
+        response.delete_cookie("yunohost.portal", path="/")