Merge branch 'hotfix-session' into 'master'
Fix: Sessions were shared between clients See merge request s3lph/matemat!69
This commit is contained in:
commit
dddd9c75be
5 changed files with 19 additions and 4 deletions
13
CHANGELOG.md
13
CHANGELOG.md
|
@ -1,5 +1,18 @@
|
|||
# Matemat Changelog
|
||||
|
||||
<!-- BEGIN RELEASE v0.2.2 -->
|
||||
## Version 0.2.1
|
||||
|
||||
Security fix release
|
||||
|
||||
### Changes
|
||||
|
||||
<!-- BEGIN CHANGES 0.2.2 -->
|
||||
- Fix: Sessions were shared between clients
|
||||
<!-- END CHANGES 0.2.2 -->
|
||||
|
||||
<!-- END RELEASE v0.2.2 -->
|
||||
|
||||
<!-- BEGIN RELEASE v0.2.1 -->
|
||||
## Version 0.2.1
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
|
||||
__version__ = '0.2.1'
|
||||
__version__ = '0.2.2'
|
||||
|
|
|
@ -23,10 +23,12 @@ def start() -> str:
|
|||
# Reference date for session timeout
|
||||
now = datetime.utcnow()
|
||||
# Read the client's session ID, if any
|
||||
session_id = str(request.get_cookie(_COOKIE_NAME, secret=__key))
|
||||
session_id = request.get_cookie(_COOKIE_NAME, secret=__key)
|
||||
# If there is no active session, create a new session ID
|
||||
if session_id is None:
|
||||
session_id = str(uuid4())
|
||||
else:
|
||||
session_id = str(session_id)
|
||||
|
||||
# Check for session timeout
|
||||
if session_id in __session_vars and __session_vars[session_id][0] < now:
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# Maintainer: s3lph <account-gitlab-ideynizv@kernelpanic.lol>
|
||||
|
||||
pkgname=matemat
|
||||
pkgver=0.2.1
|
||||
pkgver=0.2.2
|
||||
pkgrel=1
|
||||
arch=('any')
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Package: matemat
|
||||
Version: 0.2.1
|
||||
Version: 0.2.2
|
||||
Maintainer: s3lph <account-gitlab-ideynizv@kernelpanic.lol>
|
||||
Section: web
|
||||
Priority: optional
|
||||
|
|
Loading…
Reference in a new issue