Add security enhancements. See: https://blog.miguelgrinberg.com/post/cookie-security-for-flask-applications

2025-06-12 09:00:40 +00:00 · 2020-06-02 16:51:08 +02:00
parent 9f62e782f0
commit 4ac4fcb4ff
4 changed files with 16 additions and 7 deletions
--- a/app/init.py
+++ b/app/init.py
@ -2,6 +2,7 @@ from config import config
 from flask import Flask
 from flask_login import LoginManager
 from flask_mail import Mail
+from flask_paranoid import Paranoid
 from flask_socketio import SocketIO
 from flask_sqlalchemy import SQLAlchemy
 import logging
@ -12,6 +13,8 @@ logger = logging.getLogger(__name__)
 login_manager = LoginManager()
 login_manager.login_view = 'auth.login'
 mail = Mail()
+paranoid = Paranoid()
+paranoid.redirect_view = '/'
 socketio = SocketIO()


@ -23,6 +26,7 @@ def create_app(config_name):
    db.init_app(app)
    login_manager.init_app(app)
    mail.init_app(app)
+    paranoid.init_app(app)
    socketio.init_app(app, message_queue='redis://redis:6379/')

    from . import events