diff options
author | Simo Sorce <simo@redhat.com> | 2014-09-16 17:07:18 -0400 |
---|---|---|
committer | Patrick Uiterwijk <puiterwijk@redhat.com> | 2014-09-24 20:29:51 +0200 |
commit | d00990c389e98dc62a59020e4a79cfe657f88f89 (patch) | |
tree | 4c5eb46d5a60ad61695bdf3d99da66eee59d1265 /ipsilon/login | |
parent | 14e8ecd7cf8ea8d342eac5c4c66b764b3a8e2dbb (diff) | |
download | ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.tar.gz ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.tar.xz ipsilon-d00990c389e98dc62a59020e4a79cfe657f88f89.zip |
Add abstraction class to handle cookies
This handles secure cokies with useful helpers and defaults.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Diffstat (limited to 'ipsilon/login')
-rwxr-xr-x | ipsilon/login/common.py | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py index e59085f..f2254c9 100755 --- a/ipsilon/login/common.py +++ b/ipsilon/login/common.py @@ -23,6 +23,7 @@ from ipsilon.util.user import UserSession from ipsilon.util.plugin import PluginLoader, PluginObject from ipsilon.util.plugin import PluginInstaller from ipsilon.info.common import Info +from ipsilon.util.cookies import SecureCookie import cherrypy @@ -67,13 +68,10 @@ class LoginManagerBase(PluginObject, Log): # save username into a cookie if parent was form base auth if auth_type == 'password': - cherrypy.response.cookie[USERNAME_COOKIE] = username - cherrypy.response.cookie[USERNAME_COOKIE]['path'] = \ - cherrypy.config.get('base.mount', '/') - cherrypy.response.cookie[USERNAME_COOKIE]['secure'] = True - cherrypy.response.cookie[USERNAME_COOKIE]['httponly'] = True + cookie = SecureCookie(USERNAME_COOKIE, username) # 15 days - cherrypy.response.cookie[USERNAME_COOKIE]['max-age'] = 1296000 + cookie.maxage = 1296000 + cookie.send() raise cherrypy.HTTPRedirect(ref) @@ -180,9 +178,11 @@ class LoginFormBase(LoginPageBase): if self.lm.next_login is not None: next_url = self.lm.next_login.path - username = '' - if USERNAME_COOKIE in cherrypy.request.cookie: - username = cherrypy.request.cookie[USERNAME_COOKIE].value + cookie = SecureCookie(USERNAME_COOKIE) + cookie.receive() + username = cookie.value + if username is None: + username = '' context = { "title": 'Login', |