Skip to content
Permalink
Browse files

fixed a bug that would only allow one browser to log in

  • Loading branch information...
Fazal Majid
Fazal Majid committed Aug 1, 2018
1 parent feefb27 commit cd637b4a0f7d6a85cb28d4fde8be7c0f315e6727
Showing with 5 additions and 3 deletions.
  1. +1 −1 setup.py
  2. +4 −2 tembozapp/server.py
@@ -4,7 +4,7 @@
name='temboz',
author='Fazal Majid',
author_email='python@sentfrom.com',
version='2.3.0',
version='2.3.1',
url='http://github.com/fazalmajid/temboz',
#package_dir={'': 'src'},
packages=['tembozapp'],
@@ -1,8 +1,9 @@

#!/usr/local/bin/python
import sys, os, stat, logging, base64, time, imp, gzip, traceback, pprint, csv
import threading, BaseHTTPServer, SocketServer, cStringIO, urlparse, urllib
import flask, sqlite3, string, requests, re, datetime, hmac, passlib.hash
import hashlib, socket, json, hmac, werkzeug
import hashlib, socket, json, werkzeug
import param, update, filters, util, normalize, dbop, social, fts5, __main__

# HTTP header to force caching
@@ -155,8 +156,9 @@ def login():
and passlib.hash.argon2.verify(f.get('password', ''),
param.settings['passwd']):
# set auth cookie
session = hmac.new(cookie_secret, login, hashlib.sha256).hexdigest()
ua = flask.request.headers.get('User-Agent')
session = hmac.new(cookie_secret, login + ua,
hashlib.sha256).hexdigest()
dbop.save_session(session, ua)
cookie = login + ':' + session
back = flask.request.args.get('back', '/')

0 comments on commit cd637b4

Please sign in to comment.
You can’t perform that action at this time.