From 7d39539883e28446dda069bfb7e63cd5b3a21030 Mon Sep 17 00:00:00 2001
From: Nick Frost <42555217+nickfrost-asana@users.noreply.github.com>
Date: Wed, 22 Sep 2021 01:20:28 -0400
Subject: [PATCH] Make login sessions permanent (#1991)

* Closes #1990
* Make session cookies persist in the browser after close
---
 CTFd/utils/security/auth.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CTFd/utils/security/auth.py b/CTFd/utils/security/auth.py
index 0b808f38..d098c4a3 100644
--- a/CTFd/utils/security/auth.py
+++ b/CTFd/utils/security/auth.py
@@ -15,6 +15,7 @@ def login_user(user):
     session["id"] = user.id
     session["nonce"] = generate_nonce()
     session["hash"] = hmac(user.password)
+    session.permanent = True
 
     # Clear out any currently cached user attributes
     clear_user_session(user_id=user.id)
@@ -23,6 +24,7 @@ def login_user(user):
 def update_user(user):
     session["id"] = user.id
     session["hash"] = hmac(user.password)
+    session.permanent = True
 
     # Clear out any currently cached user attributes
     clear_user_session(user_id=user.id)