@ -140,7 +140,6 @@ class ConfigManager(dict):
self.config['SESSION_STORAGE_URL'] = 'redis://{0}/3'.format(self.config['REDIS_ADDRESS'])
self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'
self.config['SESSION_COOKIE_HTTPONLY'] = True
self.config['SESSION_KEY_BITS'] = 128
self.config['PERMANENT_SESSION_LIFETIME'] = timedelta(hours=int(self.config['SESSION_LIFETIME']))
# update the app config itself
app.config = self
@ -260,9 +260,8 @@ class MailuSessionConfig:
hash_bytes = bits//8 + (bits%8>0)
time_bytes = 4 # 32 bit timestamp for now
shaker = hashlib.shake_256 if bits>128 else hashlib.shake_128
self._shaker = shaker(want_bytes(app.config.get('SECRET_KEY', '')))
self._shaker = hashlib.shake_128(want_bytes(app.config.get('SECRET_KEY', '')))
self._hash_len = hash_bytes
self._hash_b64 = len(self._encode(bytes(hash_bytes)))
self._key_min = 2*self._hash_b64