artin/API-Manager
1
0
Fork 0
mirror of https://github.com/OpenBankProject/API-Manager.git synced 2026-02-06 10:59:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added Secure Session Cookies

Browse Source
This commit is contained in:
nemo 2023-11-09 12:08:21 +01:00
parent 57e161b5d3
commit ad33b54081
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apimanager/apimanager/settings.py
View File

@ -282,6 +282,13 @@ SHOW_API_TESTER = False
# Always save session$
SESSION_SAVE_EVERY_REQUEST = True
# Session Cookie Settings
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_AGE = 300
SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies"
# Paths on API_HOST to OAuth
OAUTH_TOKEN_PATH = '/oauth/initiate'
OAUTH_AUTHORIZATION_PATH = '/oauth/authorize'