From f82c156385b9d756ddbd01ce454d035befbb8b98 Mon Sep 17 00:00:00 2001
From: Peter Sanchez <peter@netlandish.com>
Date: Thu, 7 Dec 2023 12:49:50 -0600
Subject: [PATCH] Adding session token renewal when logging in

---
 accounts/routes.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/accounts/routes.go b/accounts/routes.go
index c88b74d..d8e14bb 100644
--- a/accounts/routes.go
+++ b/accounts/routes.go
@@ -130,6 +130,11 @@ func (s *Service) LoginAuthPOST(c echo.Context) error {
 		}
 	}
 
+	// https://github.com/alexedwards/scs#preventing-session-fixation
+	if err := gctx.Server.Session.RenewToken(c.Request().Context()); err != nil {
+		return err
+	}
+
 	auth.UserLogin(c, form.user.GetID())
 	UpdateLastLogin(c.Request().Context(), form.user)
 
-- 
2.45.2