mirror of https://github.com/MISP/misp-dashboard
chg: [authentication] configure misp-dashboard cookie policy
parent
bd5984faad
commit
07f68cb33f
|
@ -7,6 +7,12 @@ debug = False
|
||||||
misp_fqdn = "https://misp.local"
|
misp_fqdn = "https://misp.local"
|
||||||
ssl_verify = True
|
ssl_verify = True
|
||||||
session_secret = **Change_Me**
|
session_secret = **Change_Me**
|
||||||
|
# Only send cookies with requests over HTTPS if the cookie is marked secure.
|
||||||
|
session_cookie_secure = True
|
||||||
|
# Prevent sending cookies in all external requests including regular links.
|
||||||
|
session_cookie_samesite = Strict
|
||||||
|
# Expire session cookie after n days.
|
||||||
|
permanent_session_lifetime = 1
|
||||||
|
|
||||||
[Dashboard]
|
[Dashboard]
|
||||||
#hours
|
#hours
|
||||||
|
|
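Review bot: The comment above `session_cookie_secure = True` does not tell an operator what the default does to a deployment served over plain HTTP: the browser will not return the session cookie, so a login will not persist. I would reword it to `# Send the session cookie over HTTPS only; set to False only when the dashboard is served over plain HTTP (not recommended).` The `session_cookie_samesite` comment should also list the values the server accepts, since server.py has to parse this option. Likewise, `# Expire session cookie after n days.` could state that the value must be an integer, because it is read with `getint`.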
12
server.py
12
server.py
|
@ -7,6 +7,7 @@ import logging
|
||||||
import math
|
import math
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
|
from datetime import timedelta
|
||||||
import random
|
import random
|
||||||
from time import gmtime as now
|
from time import gmtime as now
|
||||||
from time import sleep, strftime
|
from time import sleep, strftime
|
||||||
|
@ -36,9 +37,18 @@ server_debug = cfg.get("Server", "debug")
|
||||||
auth_host = cfg.get("Auth", "misp_fqdn")
|
auth_host = cfg.get("Auth", "misp_fqdn")
|
||||||
auth_ssl_verify = cfg.getboolean("Auth", "ssl_verify")
|
auth_ssl_verify = cfg.getboolean("Auth", "ssl_verify")
|
||||||
auth_session_secret = cfg.get("Auth", "session_secret")
|
auth_session_secret = cfg.get("Auth", "session_secret")
|
||||||
|
auth_session_cookie_secure = cfg.getboolean("Auth", "session_cookie_secure")
|
||||||
|
auth_session_cookie_samesite = cfg.getboolean("Auth", "session_cookie_samesite")
|
||||||
|
auth_permanent_session_lifetime = cfg.getint("Auth", "permanent_session_lifetime")
|
||||||
|
|
||||||
app = Flask(__name__)
|
app = Flask(__name__)
|
||||||
app.secret_key = auth_session_secret
|
#app.secret_key = auth_session_secret
|
||||||
|
app.config.update(
|
||||||
|
SECRET_KEY=auth_session_secret,
|
||||||
|
SESSION_COOKIE_SECURE=auth_session_cookie_secure,
|
||||||
|
SESSION_COOKIE_SAMESITE=auth_session_cookie_samesite,
|
||||||
|
PERMANENT_SESSION_LIFETIME=timedelta(days=auth_permanent_session_lifetime)
|
||||||
|
)
|
||||||
|
|
||||||
redis_server_log = redis.StrictRedis(
|
redis_server_log = redis.StrictRedis(
|
||||||
host=cfg.get('RedisGlobal', 'host'),
|
host=cfg.get('RedisGlobal', 'host'),
|
||||||
|
|
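Review bot: In the second hunk, `cfg.getboolean("Auth", "session_cookie_samesite")` will raise `ValueError` at startup with the shipped default `Strict`, assuming `cfg` is a `configparser` parser, because `getboolean` only accepts 1/yes/true/on and 0/no/false/off. Flask's `SESSION_COOKIE_SAMESITE` expects the string itself, so the line should be `auth_session_cookie_samesite = cfg.get("Auth", "session_cookie_samesite")`. The three new options are also read without a fallback, so an existing config file that lacks them will stop the server on upgrade; passing `fallback=` (for example `cfg.getboolean("Auth", "session_cookie_secure", fallback=True)`) keeps the restrictive defaults. `PERMANENT_SESSION_LIFETIME` only applies to sessions marked `session.permanent = True`, which is not visible in this hunk and is worth confirming in the login handler. The commented-out `#app.secret_key = auth_session_secret` line can be deleted, since `SECRET_KEY` is now set in `app.config.update`.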