From b508d212dc6c1b3e8383bb831c393ac3fd16581c Mon Sep 17 00:00:00 2001
From: Wade Barnes <wade.barnes@shaw.ca>
Date: Mon, 25 Jun 2018 14:20:52 -0700
Subject: [PATCH] EDIVORCE-59 - Ensure use of secure session cookies.

---
 edivorce/settings/local.py     | 1 +
 edivorce/settings/openshift.py | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/edivorce/settings/local.py b/edivorce/settings/local.py
index bdfaa777..0e7bc52a 100644
--- a/edivorce/settings/local.py
+++ b/edivorce/settings/local.py
@@ -13,6 +13,7 @@ DATABASES = {
 
 DEBUG = True
 CSRF_COOKIE_AGE = None
+SESSION_COOKIE_AGE = None
 TEMPLATES[0]["OPTIONS"]["debug"] = True
 
 WEASYPRINT_URL = 'http://localhost:5005'
diff --git a/edivorce/settings/openshift.py b/edivorce/settings/openshift.py
index cb4767fb..cdc62d7c 100644
--- a/edivorce/settings/openshift.py
+++ b/edivorce/settings/openshift.py
@@ -54,6 +54,7 @@ if DEPLOYMENT_TYPE == 'dev':
     PROXY_URL_PREFIX = os.getenv('PROXY_URL_PREFIX', '/divorce-dev')
     DEBUG = True
     CSRF_COOKIE_AGE = None
+    SESSION_COOKIE_AGE = None
     REGISTER_URL = 'https://www.test.bceid.ca/directories/bluepages/details.aspx?serviceID=5522'
 
 if DEPLOYMENT_TYPE == 'test':
@@ -95,3 +96,5 @@ SESSION_EXPIRE_AT_BROWSER_CLOSE = True
 if DEPLOYMENT_TYPE != 'minishift':
     SESSION_COOKIE_PATH = PROXY_URL_PREFIX
     SESSION_COOKIE_SECURE=True
+    CSRF_COOKIE_SECURE=True
+