Add abstraction class to handle cookies

This handles secure cokies with useful helpers and defaults.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>

1 files changed, 9 insertions, 9 deletions

diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py
index e59085f..f2254c9 100755
--- a/ipsilon/login/common.py
+++ b/ipsilon/login/common.py
@@ -23,6 +23,7 @@ from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginLoader, PluginObject
 from ipsilon.util.plugin import PluginInstaller
 from ipsilon.info.common import Info
+from ipsilon.util.cookies import SecureCookie
 import cherrypy
 
 
@@ -67,13 +68,10 @@ class LoginManagerBase(PluginObject, Log):
 
         # save username into a cookie if parent was form base auth
         if auth_type == 'password':
-            cherrypy.response.cookie[USERNAME_COOKIE] = username
-            cherrypy.response.cookie[USERNAME_COOKIE]['path'] = \
-                cherrypy.config.get('base.mount', '/')
-            cherrypy.response.cookie[USERNAME_COOKIE]['secure'] = True
-            cherrypy.response.cookie[USERNAME_COOKIE]['httponly'] = True
+            cookie = SecureCookie(USERNAME_COOKIE, username)
             # 15 days
-            cherrypy.response.cookie[USERNAME_COOKIE]['max-age'] = 1296000
+            cookie.maxage = 1296000
+            cookie.send()
 
         raise cherrypy.HTTPRedirect(ref)
 
@@ -180,9 +178,11 @@ class LoginFormBase(LoginPageBase):
         if self.lm.next_login is not None:
             next_url = self.lm.next_login.path
 
-        username = ''
-        if USERNAME_COOKIE in cherrypy.request.cookie:
-            username = cherrypy.request.cookie[USERNAME_COOKIE].value
+        cookie = SecureCookie(USERNAME_COOKIE)
+        cookie.receive()
+        username = cookie.value
+        if username is None:
+            username = ''
 
         context = {
             "title": 'Login',