artin/API-Manager
1
0
Fork 0
mirror of https://github.com/OpenBankProject/API-Manager.git synced 2026-02-06 15:06:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #339 from nemozak1/develop

Browse Source 
Add Secure Session Cookies
This commit is contained in:
Simon Redfern 2023-11-09 12:14:46 +01:00 committed by GitHub
commit 0be2a702eb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apimanager/apimanager/settings.py
View File

@ -284,6 +284,13 @@ SHOW_API_TESTER = False
# Always save session$
SESSION_SAVE_EVERY_REQUEST = True
# Session Cookie Settings
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_AGE = 300
SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies"
# Paths on API_HOST to OAuth
OAUTH_TOKEN_PATH = '/oauth/initiate'
OAUTH_AUTHORIZATION_PATH = '/oauth/authorize'