Merge pull request #171 from SibrenVasse/secure_cookie
Session cookie flags.
This commit is contained in:
commit
16d8737770
|
@ -5,4 +5,5 @@ from flask_sqlalchemy import SQLAlchemy
|
||||||
|
|
||||||
db = SQLAlchemy()
|
db = SQLAlchemy()
|
||||||
login_manager = LoginManager()
|
login_manager = LoginManager()
|
||||||
|
login_manager.session_protection = "strong"
|
||||||
migrate = Migrate(db=db)
|
migrate = Migrate(db=db)
|
||||||
|
|
|
@ -83,6 +83,9 @@ def create_app() -> Flask:
|
||||||
|
|
||||||
# to avoid conflict with other cookie
|
# to avoid conflict with other cookie
|
||||||
app.config["SESSION_COOKIE_NAME"] = "slapp"
|
app.config["SESSION_COOKIE_NAME"] = "slapp"
|
||||||
|
if URL.startswith("https"):
|
||||||
|
app.config["SESSION_COOKIE_SECURE"] = True
|
||||||
|
app.config["SESSION_COOKIE_SAMESITE"] = "strict"
|
||||||
|
|
||||||
init_extensions(app)
|
init_extensions(app)
|
||||||
register_blueprints(app)
|
register_blueprints(app)
|
||||||
|
|
Loading…
Reference in New Issue