Skip to content

Commit

Permalink
Merge pull request #339 from nemozak1/develop
Browse files Browse the repository at this point in the history 
Add Secure Session Cookies
  • Loading branch information
@simonredfern
simonredfern authored Nov 9, 2023
2 parents 1f95eb1 + a1023ba commit 0be2a70
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions apimanager/apimanager/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,13 @@
# Always save session$
SESSION_SAVE_EVERY_REQUEST = True

# Session Cookie Settings
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_AGE = 300
SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies"


# Paths on API_HOST to OAuth
OAUTH_TOKEN_PATH = '/oauth/initiate'
OAUTH_AUTHORIZATION_PATH = '/oauth/authorize'
Expand Down

0 comments on commit 0be2a70

Please sign in to comment.