Adding this line as it appears to be a recommended best practise:
“The last step is extremely important and it protects us from session fixation attacks. It tells Plug to send the session cookie back to the client with a different identifier, in case an attacker knew, by any chance, the previous one.”
yordis
commented
5 years ago
Adding this line as it appears to be a recommended best practise:
Excerpt From: Chris McCord, Bruce Tate, José Valim. “Programming Phoenix ≥ 1.4” Chapter 5.