From 6a049f65d588600c50a869d760ca0c2174d06695 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Tue, 28 Jun 2022 22:50:28 +0200
Subject: [PATCH] middleware: set a variable value in the A2_OPENED_SESSION
 cookie

---
 src/authentic2/middleware.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/authentic2/middleware.py b/src/authentic2/middleware.py
index b8766f19..44d5f5ec 100644
--- a/src/authentic2/middleware.py
+++ b/src/authentic2/middleware.py
@@ -15,6 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import time
+import uuid
 
 try:
     import threading
@@ -71,7 +72,7 @@ class OpenedSessionCookieMiddleware(MiddlewareMixin):
         if enabled and hasattr(request, 'user') and request.user.is_authenticated:
             response.set_cookie(
                 name,
-                value='1',
+                value=uuid.uuid4().hex,
                 max_age=None,
                 domain=domain,
                 secure=app_settings.A2_OPENED_SESSION_COOKIE_SECURE,
-- 
2.35.1