Closed fabrik42 closed 7 years ago
In the official Phoenix guides it is recommended to generate a new session id after a successful login, in order to prevent session fixation attacks.
See https://hexdocs.pm/phoenix/contexts.html#adding-account-functions
Good catch!
riverrun
commented
7 years ago riverrun
commented
7 years ago
In the official Phoenix guides it is recommended to generate a new session id after a successful login, in order to prevent session fixation attacks.
See https://hexdocs.pm/phoenix/contexts.html#adding-account-functions