Use strong sessions protection

See https://flask-login.readthedocs.io/en/latest/#session-protection for
details
This commit is contained in:
jvoisin 2020-05-09 14:34:14 +02:00
parent 189243a9b0
commit b4165335a7

View File

@ -60,6 +60,7 @@ app = Flask(__name__)
lm = LoginManager()
lm.login_view = 'web.login'
lm.anonymous_user = ub.Anonymous
lm.session_protection = 'strong'
ub.init_db(cli.settingspath)
# pylint: disable=no-member