From 05046f9f57c1ce2c227829f3112c4de8154062f3 Mon Sep 17 00:00:00 2001
From: James Gough <james@peacefulprogramming.dev>
Date: Tue, 2 Jul 2024 11:06:45 +0100
Subject: [PATCH] delete CSRF token when renewing session

---
 templates/controllers/session.ex | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/templates/controllers/session.ex b/templates/controllers/session.ex
index 769f3de..97220c8 100644
--- a/templates/controllers/session.ex
+++ b/templates/controllers/session.ex
@@ -65,6 +65,8 @@ defmodule <%= inspect @web_pascal_case %>.Session do
   #     end
   #
   defp renew_session(conn) do
+    delete_csrf_token()
+
     conn
     |> configure_session(renew: true)
     |> clear_session()