lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
dynamic-resolution
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a9548e4cbd'
${ noResults }
mailu/core/admin/mailu
History
bors[bot] 25e8910b89
Merge #1783 
1783: Switch to server-side sessions r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

It simplifies session management.
- it ensures that sessions will eventually expire (*)
- it implements some mitigation against session-fixation attacks
- it switches from client-side to server-side sessions (in Redis)

It doesn't prevent us from (re)-implementing a "remember_me" type of feature if that's considered useful by some.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
 		4 years ago
..
internal Merge branch 'master' into enforce-tls-admin 4 years ago
translations Translated using Weblate (Basque) 4 years ago
ui Disable anti-csrf on the login form 4 years ago
__init__.py cleanup old sessions on startup 4 years ago
configuration.py Merge #1783 4 years ago
debug.py Clean most of the refactored code 6 years ago
dkim.py Upgrading to a 2048-bit DKIM key 5 years ago
limiter.py Refactor the rate limiting code 5 years ago
manage.py Misc improvements to PASSWORD_SCHEME 4 years ago
models.py CryptContext should be a singleton 4 years ago
utils.py Explicitly define ProxyFix options 4 years ago