From b4165335a777a8df2ae1f7a625e840aa30f96d35 Mon Sep 17 00:00:00 2001
From: jvoisin <julien.voisin@dustri.org>
Date: Sat, 9 May 2020 14:34:14 +0200
Subject: [PATCH] Use strong sessions protection

See https://flask-login.readthedocs.io/en/latest/#session-protection for
details
---
 cps/__init__.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cps/__init__.py b/cps/__init__.py
index 7dd4e11f..b8e74f27 100644
--- a/cps/__init__.py
+++ b/cps/__init__.py
@@ -60,6 +60,7 @@ app = Flask(__name__)
 lm = LoginManager()
 lm.login_view = 'web.login'
 lm.anonymous_user = ub.Anonymous
+lm.session_protection = 'strong'
 
 ub.init_db(cli.settingspath)
 # pylint: disable=no-member