From 4f937822c2c4b03af9daf8a8635382e7dd7b50ff Mon Sep 17 00:00:00 2001
From: Martin Mayer <martin.mayer@m2-it-solutions.de>
Date: Fri, 28 Jun 2024 21:35:08 +0200
Subject: [PATCH 1/2] Fixes #16758: Create language cookie if required

---
 netbox/netbox/middleware.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/netbox/netbox/middleware.py b/netbox/netbox/middleware.py
index 6e7da9ab052..c8ebcf34e65 100644
--- a/netbox/netbox/middleware.py
+++ b/netbox/netbox/middleware.py
@@ -43,6 +43,13 @@ def __call__(self, request):
             login_url = f'{settings.LOGIN_URL}?next={parse.quote(request.get_full_path_info())}'
             return HttpResponseRedirect(login_url)
 
+        # If language cookie is not set, check if it should be set and redirect to requested page
+        if request.user.is_authenticated and not request.COOKIES.get(settings.LANGUAGE_COOKIE_NAME):
+            if language := request.user.config.get('locale.language'):
+                response = HttpResponseRedirect(request.path)
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
+                return response
+
         # Enable the event_tracking context manager and process the request.
         with event_tracking(request):
             response = self.get_response(request)

From 8577ff126ffac629f67215d8310197f1e814b2df Mon Sep 17 00:00:00 2001
From: Martin Mayer <martin.mayer@m2-it-solutions.de>
Date: Sun, 30 Jun 2024 20:11:19 +0200
Subject: [PATCH 2/2] Align language cookie with session lifetime

---
 netbox/account/views.py     |  4 ++--
 netbox/netbox/middleware.py | 12 +++++-------
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/netbox/account/views.py b/netbox/account/views.py
index feb85fdfebd..d7c43aebf9e 100644
--- a/netbox/account/views.py
+++ b/netbox/account/views.py
@@ -111,7 +111,7 @@ def post(self, request):
 
             # Set the user's preferred language (if any)
             if language := request.user.config.get('locale.language'):
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())
 
             return response
 
@@ -206,7 +206,7 @@ def post(self, request):
 
             # Set/clear language cookie
             if language := form.cleaned_data['locale.language']:
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())
             else:
                 response.delete_cookie(settings.LANGUAGE_COOKIE_NAME)
 
diff --git a/netbox/netbox/middleware.py b/netbox/netbox/middleware.py
index c8ebcf34e65..e15cb560d9e 100644
--- a/netbox/netbox/middleware.py
+++ b/netbox/netbox/middleware.py
@@ -43,17 +43,15 @@ def __call__(self, request):
             login_url = f'{settings.LOGIN_URL}?next={parse.quote(request.get_full_path_info())}'
             return HttpResponseRedirect(login_url)
 
-        # If language cookie is not set, check if it should be set and redirect to requested page
-        if request.user.is_authenticated and not request.COOKIES.get(settings.LANGUAGE_COOKIE_NAME):
-            if language := request.user.config.get('locale.language'):
-                response = HttpResponseRedirect(request.path)
-                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
-                return response
-
         # Enable the event_tracking context manager and process the request.
         with event_tracking(request):
             response = self.get_response(request)
 
+        # Check if language cookie should be renewed
+        if request.user.is_authenticated and settings.SESSION_SAVE_EVERY_REQUEST:
+            if language := request.user.config.get('locale.language'):
+                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language, max_age=request.session.get_expiry_age())
+
         # Attach the unique request ID as an HTTP header.
         response['X-Request-ID'] = request.id