# HG changeset patch
# User Peter Sanchez <peter@netlandish.com>
# Date 1701974990 21600
#      Thu Dec 07 12:49:50 2023 -0600
# Node ID d1f9c70d6a795f3350cbcfdfb4b2f3e4c0619db3
# Parent  2918b21f23b4ddda3a426a20c57c5e20c70c1c23
Adding session token renewal when logging in

diff --git a/accounts/routes.go b/accounts/routes.go
--- a/accounts/routes.go
+++ b/accounts/routes.go
@@ -130,6 +130,11 @@
 		}
 	}
 
+	// https://github.com/alexedwards/scs#preventing-session-fixation
+	if err := gctx.Server.Session.RenewToken(c.Request().Context()); err != nil {
+		return err
+	}
+
 	auth.UserLogin(c, form.user.GetID())
 	UpdateLastLogin(c.Request().Context(), form.user)