Commit 77d2c30c authored by Russ Garrett's avatar Russ Garrett Committed by Julian

Use permanent rather than session cookies

parent 2b5ab52b
...@@ -9,7 +9,12 @@ USER_SERVICE_MAX_UID=19999 ...@@ -9,7 +9,12 @@ USER_SERVICE_MAX_UID=19999
GROUP_MIN_GID=20000 GROUP_MIN_GID=20000
GROUP_MAX_GID=49999 GROUP_MAX_GID=49999
# The period of time that a login lasts for.
SESSION_LIFETIME_SECONDS=3600 SESSION_LIFETIME_SECONDS=3600
# The period of time that the session cookie lasts for. This is refreshed on each page load.
PERMANENT_SESSION_LIFETIME=2678400
# CSRF protection # CSRF protection
SESSION_COOKIE_SECURE=True SESSION_COOKIE_SECURE=True
SESSION_COOKIE_HTTPONLY=True SESSION_COOKIE_HTTPONLY=True
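Review bot: The comment added above `PERMANENT_SESSION_LIFETIME=2678400` does not say that this value (31 days) bounds only the cookie, or that the refresh on each page load means a cookie in regular use never expires by age. After this change the one-hour `SESSION_LIFETIME_SECONDS` is the only limit on how long a login stays valid, so I would word it as `# Cookie lifetime only (31 days, sliding). Login expiry is enforced separately via SESSION_LIFETIME_SECONDS.` The names look like Flask settings; if so, the refresh behaviour depends on `SESSION_REFRESH_EACH_REQUEST` staying at its default, which is worth stating here too. The rest of the file is collapsed on this page, so other cookie settings may follow below.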
...@@ -49,6 +49,7 @@ def logout(): ...@@ -49,6 +49,7 @@ def logout():
def set_session(user, skip_mfa=False): def set_session(user, skip_mfa=False):
session.clear() session.clear()
session.permanent = True
session['user_id'] = user.id session['user_id'] = user.id
session['logintime'] = datetime.datetime.now().timestamp() session['logintime'] = datetime.datetime.now().timestamp()
session['_csrf_token'] = secrets.token_hex(128) session['_csrf_token'] = secrets.token_hex(128)
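Review bot: `session.permanent = True` makes the cookie holding `user_id`, `logintime` and `_csrf_token` persist across browser restarts, and nothing in this hunk shows where `logintime` is compared with `SESSION_LIFETIME_SECONDS`. That check needs to run on every authenticated request and to treat a missing or non-numeric `logintime` as expired, otherwise a copied cookie stays usable for the full cookie lifetime. If the session is a client-side signed cookie, which is Flask's default and cannot be confirmed from here, `logout()` does not invalidate copies, so the server-side age check is the only bound. A comment on the new line such as `# cookie persists; login age is still limited by logintime` would record the dependency. `set_session` continues past the end of the hunk.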