From 035ecf98d02354396debc5bbcd10d69d127daa47 Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Tue, 21 Dec 2021 01:56:48 +0200 Subject: [PATCH] fsdfds --- files/__main__.py | 2 +- files/classes/user.py | 2 +- files/routes/login.py | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/files/__main__.py b/files/__main__.py index d0e715658..8908da206 100644 --- a/files/__main__.py +++ b/files/__main__.py @@ -109,7 +109,7 @@ def before_request(): if not request.path.startswith("/assets") and not request.path.startswith("/images") and not request.path.startswith("/hostedimages"): session.permanent = True - if not session.get("session_id"): session["session_id"] = secrets.token_hex(16) + if not session.get("session_id"): session["session_id"] = secrets.token_hex(50) if request.url.startswith("http://") and "localhost" not in app.config["SERVER_NAME"]: url = request.url.replace("http://", "https://", 1) diff --git a/files/classes/user.py b/files/classes/user.py index 58ff5d2b0..0299e7e4a 100644 --- a/files/classes/user.py +++ b/files/classes/user.py @@ -302,7 +302,7 @@ class User(Base): def formkey(self): if "session_id" not in session: - session["session_id"] = token_hex(16) + session["session_id"] = token_hex(50) msg = f"{session['session_id']}+{self.id}+{self.login_nonce}" diff --git a/files/routes/login.py b/files/routes/login.py index 7252cad50..66a35df3d 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -136,7 +136,7 @@ def login_post(): session["user_id"] = account.id session["logged_in"] = account.id - session["session_id"] = token_hex(16) + session["session_id"] = token_hex(50) session["login_nonce"] = account.login_nonce session.permanent = True @@ -343,7 +343,7 @@ def sign_up_post(v): session["user_id"] = new_user.id session["logged_in"] = new_user.id - session["session_id"] = token_hex(16) + session["session_id"] = token_hex(50) g.db.commit()