From b7c8f6b5779fe7c59f1edf6e02a73af6b9280c62 Mon Sep 17 00:00:00 2001
From: VVX7 <info@vvx7.io>
Date: Wed, 2 Oct 2019 12:46:37 -0400
Subject: [PATCH] chg: [authentication] enforce session ssl

---
 server.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server.py b/server.py
index d0eaf78..bcc7b79 100755
--- a/server.py
+++ b/server.py
@@ -94,9 +94,10 @@ class User(UserMixin):
 
         misp_login_page = auth_host + "/users/login"
         session = requests.Session()
+        session.verify = True
 
         # The login page contains hidden form values required for authenticaiton.
-        login_page = session.get(misp_login_page, ssl=True)
+        login_page = session.get(misp_login_page)
 
         # This regex matches the "data[_Token][fields]" value needed to make a POST request on the MISP login page.
         token_fields_exp = re.compile(r'name="data\[_Token]\[fields]" value="([^\s]+)"')