Security tweaks
Summary of changes proposed in this Pull Request:
- Makes the CSRF session check respect the newish
CSRF_USE_SESSIONS
setting in Django - Locks down the clearsessions view to tasks or admins only
PR checklist:
-
Updated relevant documentation -
Updated CHANGELOG.md -
Added tests for my change