|
|
|
@ -28,10 +28,10 @@ from flask_login.signals import user_loaded_from_cookie
|
|
|
|
|
|
|
|
|
|
class MyLoginManager(LoginManager):
|
|
|
|
|
def _session_protection_failed(self):
|
|
|
|
|
_session = session._get_current_object()
|
|
|
|
|
sess = session._get_current_object()
|
|
|
|
|
ident = self._session_identifier_generator()
|
|
|
|
|
if(_session and not (len(_session) == 1
|
|
|
|
|
and _session.get('csrf_token', None))) and ident != _session.get('_id', None):
|
|
|
|
|
if(sess and not (len(sess) == 1
|
|
|
|
|
and sess.get('csrf_token', None))) and ident != sess.get('_id', None):
|
|
|
|
|
return super(). _session_protection_failed()
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|