From b2dc965846ca00affe8ba7b2cec23af5fe7be7cc Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Wed, 15 Mar 2023 07:29:59 +0200
Subject: [PATCH] more fixes

---
 files/helpers/cron.py    | 2 ++
 files/routes/wrappers.py | 5 +++++
 2 files changed, 7 insertions(+)

diff --git a/files/helpers/cron.py b/files/helpers/cron.py
index 5d2a7a396..596dd079a 100644
--- a/files/helpers/cron.py
+++ b/files/helpers/cron.py
@@ -4,6 +4,7 @@ import os
 from sys import stdout
 from shutil import make_archive
 from hashlib import md5
+import secrets
 
 import click
 import requests
@@ -33,6 +34,7 @@ db.close()
 def cron(every_5m, every_1h, every_1d, every_1mo):
 	db = db_session()
 	g.v = None
+	g.nonce = secrets.token_urlsafe(31)
 
 	if every_5m:
 		if FEATURES['GAMBLING']:
diff --git a/files/routes/wrappers.py b/files/routes/wrappers.py
index 9f5f17527..6c27e0128 100644
--- a/files/routes/wrappers.py
+++ b/files/routes/wrappers.py
@@ -1,5 +1,6 @@
 import time
 from flask import g, request, session
+import secrets
 
 from files.classes.clients import ClientAuth
 from files.helpers.alerts import *
@@ -26,6 +27,10 @@ def get_ID():
 
 def get_logged_in_user():
 	if hasattr(g, 'v') and g.v: return g.v
+
+	if hasattr(g, 'nonce'):
+		g.nonce = secrets.token_urlsafe(31)
+
 	g.desires_auth = True
 	v = None
 	token = request.headers.get("Authorization","").strip()