Use strong sessions protection

See https://flask-login.readthedocs.io/en/latest/#session-protection for details
2020-05-09 14:34:14 +02:00 · 2020-05-09 14:34:14 +02:00 · b4165335a7
parent 189243a9b0
commit b4165335a7
1 changed files with 1 additions and 0 deletions
--- a/cps/init.py
+++ b/cps/init.py
@ -60,6 +60,7 @@ app = Flask(__name__)
 lm = LoginManager()
 lm.login_view = 'web.login'
 lm.anonymous_user = ub.Anonymous
+lm.session_protection = 'strong'

 ub.init_db(cli.settingspath)
 # pylint: disable=no-member