From 873525d9e05b3509ca9642494286f7e9491eba05 Mon Sep 17 00:00:00 2001
From: Karl Hudgell <karl.hudgell@bjss.com>
Date: Mon, 11 Nov 2024 12:37:43 +0000
Subject: [PATCH] try make the session permanent

---
 app.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/app.py b/app.py
index 5b472ce..5c8add2 100644
--- a/app.py
+++ b/app.py
@@ -17,6 +17,15 @@ app.config.from_object(
 ) 
 cache = Cache(app, config={"CACHE_TYPE": "SimpleCache"})
 
+app.config['SESSION_COOKIE_SECURE'] = True  # Only send cookie over HTTPS
+app.config['SESSION_COOKIE_HTTPONLY'] = True  # Prevent JavaScript access
+app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'  # Adjust for cross-site requests
+app.config['PERMANENT_SESSION_LIFETIME'] = 60 * 60 * 24 * 365  # 1 year in seconds
+
+@app.before_request
+def make_session_permanent():
+    session.permanent = True
+
 @app.route('/manifest.json')
 def serve_manifest():
     return send_file('manifest.json', mimetype='application/manifest+json')