f030395a57
Two follow-ups from the Task 11 code review. Important — without SESSION_COOKIE_SECURE=0, Task 12's Playwright login would silently fail. app.py:57 sets SESSION_COOKIE_SECURE = not TESTING, so with our TESTING=False conftest the cookie is marked Secure; the browser drops it over http://127.0.0.1 and the session never establishes. The env-var override (app.py:53-55) is the least invasive fix and preserves the SECRET_KEY guard. Minor — the second init_db() looked redundant but is actually load- bearing: create_app's init_db runs inside the app context (binds to the in-app engine), while the seed work uses session_scope() outside the app context (binds to an env-derived engine). The second init_db() creates tables on THAT engine. Added a clarifying comment so a future reader doesn't drop the line and silently break the seed. Addresses Important #1 + Minor #1 from the Task 11 code review. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| conftest.py | ||
| test_smoke.py | ||