- login_user clears any pre-login session state before stamping user_id/pw_changed_at/admin so a fixated cookie value cannot smuggle data past the login boundary
- logout_user now session.clear()s instead of only popping user_id, removing leftover pw_changed_at/admin markers
- CSRF token comparison uses hmac.compare_digest
- load_current_user rejects sessions where the stamped admin flag no longer matches the user row, preventing a demoted admin from retaining elevated access until next password change (backward-compatible: sessions issued pre-upgrade lack the marker and pass through until next login)
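The session-boundary behaviour the commit message describes, written out as an added example; this is not the repository's code. It assumes a plain `dict` standing in for the Flask `session` proxy, a constructed `User` dataclass and in-memory `USERS` table in place of the real user-row lookup, and a pre-existing `pw_changed_at` check alongside the new `admin` check; the function names mirror the message, the bodies are reconstructed.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class User:
    id: int
    pw_changed_at: int  # unix timestamp of the last password change
    admin: bool


# Constructed in-memory user table (assumption: stands in for the DB row lookup).
USERS = {
    1: User(id=1, pw_changed_at=1_700_000_000, admin=True),
    2: User(id=2, pw_changed_at=1_700_000_000, admin=False),
}


def login_user(session: dict, user: User) -> None:
    """Stamp the session for an authenticated user.

    The whole pre-login session is discarded first, so a cookie value an
    attacker fixated before authentication cannot carry data (or a known
    CSRF token) across the login boundary. Assumption: the CSRF token is
    reissued here after the clear.
    """
    session.clear()
    session["user_id"] = user.id
    session["pw_changed_at"] = user.pw_changed_at
    session["admin"] = user.admin
    session["csrf_token"] = secrets.token_urlsafe(32)


def logout_user(session: dict) -> None:
    """Drop the entire session, not just user_id, so no pw_changed_at/admin
    markers survive into the next (anonymous) request."""
    session.clear()


def csrf_token_valid(session: dict, submitted: Optional[str]) -> bool:
    """Compare the submitted token with the stored one in constant time.

    A plain == short-circuits at the first differing byte, which leaks the
    position of the mismatch through timing; hmac.compare_digest does not.
    """
    expected = session.get("csrf_token")
    if not expected or not submitted:
        return False
    return hmac.compare_digest(expected, submitted)


def load_current_user(session: dict, users: dict = USERS) -> Optional[User]:
    """Resolve the session to a user row, rejecting stale sessions.

    Rejection clears the session and returns None (assumption: that is what
    'rejects' means for the real implementation).
    """
    user_id = session.get("user_id")
    if user_id is None:
        return None
    user = users.get(user_id)
    if user is None:
        session.clear()
        return None
    # Session issued before the last password change: invalidate.
    if session.get("pw_changed_at") != user.pw_changed_at:
        session.clear()
        return None
    # Stamped admin flag disagrees with the row (e.g. admin was demoted):
    # invalidate rather than waiting for the next password change. Sessions
    # issued before the marker existed have no "admin" key and pass through
    # until the next login, which re-stamps them.
    if "admin" in session and session["admin"] != user.admin:
        session.clear()
        return None
    return user
```

The backward-compatibility branch is the one to watch: `"admin" in session` is deliberately a key-presence test, not a truthiness test, so a legacy session is distinguishable from a stamped `admin: False` session.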
| File |
|---|
| __init__.py |
| auth_routes.py |
| blueprint_routes.py |
| console_routes.py |
| files_routes.py |
| job_routes.py |
| log_routes.py |
| overlay_routes.py |
| page_routes.py |
| profile_routes.py |
| server_routes.py |
| workshop_routes.py |