more fixes

files/helpers/cron.py

@@ -4,6 +4,7 @@ import os
 from sys import stdout
 from shutil import make_archive
 from hashlib import md5
+import secrets
 
 import click
 import requests
@@ -33,6 +34,7 @@ db.close()
 def cron(every_5m, every_1h, every_1d, every_1mo):
 	db = db_session()
 	g.v = None
+	g.nonce = secrets.token_urlsafe(31)
 
 	if every_5m:
 		if FEATURES['GAMBLING']:

files/routes/wrappers.py

@@ -1,5 +1,6 @@
 import time
 from flask import g, request, session
+import secrets
 
 from files.classes.clients import ClientAuth
 from files.helpers.alerts import *
@@ -26,6 +27,10 @@ def get_ID():
 
 def get_logged_in_user():
 	if hasattr(g, 'v') and g.v: return g.v
+
+	if hasattr(g, 'nonce'):
+		g.nonce = secrets.token_urlsafe(31)
+
 	g.desires_auth = True
 	v = None
 	token = request.headers.get("Authorization","").strip()