From dd6dbca51d46200073a9c6e16dcd0052795b80b8 Mon Sep 17 00:00:00 2001
From: Daniel Schadt <kingdread@gmx.de>
Date: Thu, 14 Sep 2023 19:47:38 +0200
Subject: roll fresh session secrets for new accounts

---
 fietsboek/scripts/fietsctl.py | 1 +
 fietsboek/views/account.py    | 1 +
 2 files changed, 2 insertions(+)

diff --git a/fietsboek/scripts/fietsctl.py b/fietsboek/scripts/fietsctl.py
index 3e987d5..d0b5639 100644
--- a/fietsboek/scripts/fietsctl.py
+++ b/fietsboek/scripts/fietsctl.py
@@ -111,6 +111,7 @@ def cmd_user_add(
 
     user = models.User(name=name, email=email, is_verified=True, is_admin=admin)
     user.set_password(password)
+    user.roll_session_secret()
 
     with env["request"].tm:
         dbsession = env["request"].dbsession
diff --git a/fietsboek/views/account.py b/fietsboek/views/account.py
index 5400f0a..e353360 100644
--- a/fietsboek/views/account.py
+++ b/fietsboek/views/account.py
@@ -60,6 +60,7 @@ def do_create_account(request):
 
     user = models.User(name=name, email=email_addr)
     user.set_password(password)
+    user.roll_session_secret()
     request.dbsession.add(user)
 
     actions.send_verification_token(request, user)
-- 
cgit v1.2.3