[allura:tickets] #8526 improve session cookie handling NEEDS CONFIG CHANGES

- **summary**: improve session cookie handling --> improve session cookie handling NEEDS CONFIG CHANGES - **Comment**: for deployment/changelog: - add `session.jwt_secret_keys` to .ini file, with a value `python -c 'import secrets; print(secrets.token_hex());'` - `session.type = cookie` is no

[allura:tickets] #8526 improve session cookie handling

--- ** [tickets:#8526] improve session cookie handling** **Status:** in-progress **Milestone:** unreleased **Labels:** security **Created:** Wed Nov 15, 2023 07:48 PM UTC by Dave Brondsema **Last Updated:** Wed Nov 15, 2023 07:48 PM UTC **Owner:** Dave Brondsema Main thing is to move away