From 1ce3e90867ef6dc3abad5ba43d5dfa0e1ed6c7da Mon Sep 17 00:00:00 2001
From: Joel Dunham <jrwdunham@gmail.com>
Date: Tue, 26 May 2020 17:38:22 -0700
Subject: [PATCH] Fix Beaker cookie-based sessions

- Resolves #94.
---
 onlinelinguisticdatabase/config/middleware.py | 6 +++++-
 setup.py                                      | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/onlinelinguisticdatabase/config/middleware.py b/onlinelinguisticdatabase/config/middleware.py
index 157fd92..5814580 100644
--- a/onlinelinguisticdatabase/config/middleware.py
+++ b/onlinelinguisticdatabase/config/middleware.py
@@ -150,7 +150,11 @@ def make_app(global_conf, full_stack=False, static_files=True, **app_conf):
 
     # Routing/Session Middleware
     app = RoutesMiddleware(app, config['routes.map'], singleton=False)
-    app = SessionMiddleware(app, config)
+    app = SessionMiddleware(
+        app,
+        config,
+        samesite='None',
+        secure=True)
 
     # At some point it seems that Pylons converts the Content-Type of any
     # response without a 200 OK status to 'text/html; charset=utf-8'.  Well
diff --git a/setup.py b/setup.py
index 745313e..7d85247 100644
--- a/setup.py
+++ b/setup.py
@@ -99,6 +99,7 @@ def fixer(match):
         "Topic :: Education"
     ],
     install_requires=[
+        "Beaker==1.10.0",
         "WebTest<2.0",  # WebTest 2.0.1 requires WebOb>=1.2 and OLD needs WebOb <=1.1.1 -- conflict
         "Pylons==1.0",
         "FormEncode==1.2.4",    # vs. >= 1.2.5 include changes that break the OLD