summaryrefslogtreecommitdiffstats
path: root/python/fatcat_web/web_config.py
diff options
context:
space:
mode:
Diffstat (limited to 'python/fatcat_web/web_config.py')
-rw-r--r--python/fatcat_web/web_config.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/python/fatcat_web/web_config.py b/python/fatcat_web/web_config.py
index 5713738c..85134762 100644
--- a/python/fatcat_web/web_config.py
+++ b/python/fatcat_web/web_config.py
@@ -34,6 +34,12 @@ class Config(object):
GITLAB_CLIENT_ID = os.environ.get("GITLAB_CLIENT_ID", default="bogus")
GITLAB_CLIENT_SECRET = os.environ.get("GITLAB_CLIENT_SECRET", default="bogus")
+ # protect cookies (which include API tokens)
+ SESSION_COOKIE_HTTPONLY = True
+ SESSION_COOKIE_SECURE = True
+ SESSION_COOKIE_SAMESITE = 'Lax'
+ PERMANENT_SESSION_LIFETIME = 2678400 # 31 days, in seconds
+
try:
GIT_RELEASE = raven.fetch_git_sha('..')
except Exception as e:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-27 07:04:49 +0000