Re: [pgAdmin4][Patch]: To make session more secure in web mode

From: Dave Page <dpage(at)pgadmin(dot)org>
To: Murtuza Zabuawala <murtuza(dot)zabuawala(at)enterprisedb(dot)com>, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org>
Subject: Re: [pgAdmin4][Patch]: To make session more secure in web mode
Date: 2017-07-20 12:22:04
Message-ID: CA+OCxoyva9suwKmBMEF4R_DKXmoxu9o2hwwSA6=5bin=Xp=-sQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-hackers

Hi

On Thu, Jul 20, 2017 at 12:59 PM, Murtuza Zabuawala <
murtuza(dot)zabuawala(at)enterprisedb(dot)com> wrote:

> Hi Dave,
>
> Tested it with PEM7 RestApi testsuite and it is working fine :)
>

The docs for this module say it's based on Flask-Login's session protect
mechanism, and was intended to allow session protection in other scenarios.
As we are already using Flask-Login, do we need this?

See the Session Protection section on
https://flask-login.readthedocs.io/en/latest/.

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

In response to

Responses

Browse pgadmin-hackers by date

  From Date Subject
Next Message Dave Page 2017-07-20 12:23:31 Re: [pgAdmin4][Patch]: Allow user to Comment/Uncomment code in query editor
Previous Message pgAdmin 4 Jenkins 2017-07-20 12:15:52 Jenkins build is back to normal : pgadmin4-master-python26 #370