From b4165335a777a8df2ae1f7a625e840aa30f96d35 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sat, 9 May 2020 14:34:14 +0200 Subject: [PATCH] Use strong sessions protection See https://flask-login.readthedocs.io/en/latest/#session-protection for details --- cps/__init__.py | 1 + 1 file changed, 1 insertion(+) diff --git a/cps/__init__.py b/cps/__init__.py index 7dd4e11f..b8e74f27 100644 --- a/cps/__init__.py +++ b/cps/__init__.py @@ -60,6 +60,7 @@ app = Flask(__name__) lm = LoginManager() lm.login_view = 'web.login' lm.anonymous_user = ub.Anonymous +lm.session_protection = 'strong' ub.init_db(cli.settingspath) # pylint: disable=no-member