Changeset 8802


Timestamp:
02/09/13 12:27:15 (6 years ago)
Author:
mnagni
Message:

Better cookie management

Location:
mauRepo/dj_security/trunk
Files:
3 edited

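--- a/mauRepo/dj_security/trunk/README
+++ b/mauRepo/dj_security/trunk/README
@@ -25,5 +25,5 @@
 3) NOT_ENCODE: the names in this list will be NOT encoded in the returned cookie
 
-4) COOKIE_DOMAIN (optional, default='.rl.ac.uk'): the domain where the AUTH_TKT will belong
+4) COOKIE_DOMAIN (optional, default= the host running this app): the domain where the AUTH_TKT will belong
 
 5) FAKE_RESPONSE (optional): if set to 'True' returns a fake authentication cookies.
@@ -45,5 +45,2 @@
 - accountid: if present the LOGOUT button appears
 - home: is used by a {%url home%} to redirect the user after the logout
-
-
-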
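--- a/mauRepo/dj_security/trunk/dj_security/__init__.py
+++ b/mauRepo/dj_security/trunk/dj_security/__init__.py
@@ -11,5 +11,9 @@
 
 def cookie_domain():
-    return getattr(settings, 'COOKIE_DOMAIN', '.rl.ac.uk')
+    try:
+        return getattr(settings, 'COOKIE_DOMAIN')
+    except AttributeError:
+        import socket
+        return socket.gethostname()
 
 def reset_password():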
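Review bot: The new fallback in `cookie_domain()` returns `socket.gethostname()`, which is the machine's local name and not necessarily the name clients used to reach the site, so behind a proxy, on a virtual host or with a short unqualified hostname the AUTH_TKT cookie may be issued for a domain the browser rejects or never sends back. Dropping the broad `'.rl.ac.uk'` default does narrow the cookie's scope, and a host-only cookie would be the tightest default, so consider `return getattr(settings, 'COOKIE_DOMAIN', None)` if the code that sets the cookie (not visible here) accepts a missing domain. If the hostname fallback stays, a comment such as `# fallback assumes gethostname() equals the public host name` would record the assumption. The whole of `cookie_domain()` is inside the hunk; `reset_password()` continues outside it.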
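--- a/mauRepo/dj_security/trunk/dj_security/middleware.py
+++ b/mauRepo/dj_security/trunk/dj_security/middleware.py
@@ -40,7 +40,6 @@
 import socket
 import urlparse
-import base64
 import logging
-from dj_security import auth_tkt_name, cookie_domain
+from dj_security import auth_tkt_name, cookie_domain, shared_secret
 
 # Get an instance of a logger
@@ -115,23 +114,7 @@
         raise DSJOpenIDNotFoundError(ex)
 
-def _get_path_to_host(request, force_path = None):
-    host = request.environ.get('HTTP_HOST')
-    if not host:
-        host = ''.join([request.environ['SERVER_HOST'],
-                        ':' ,
-                        request.environ['SERVER_PORT']])
-
-    if force_path:
-        return base64.b64encode(''.join(['http://',
-                                      host, '/',
-                                      force_path]))
-
-    return base64.b64encode(''.join(['http://',
-                                      host, '/',
-                                      request.path]))
-
 def _generate_auth_cookie(user, remote_ip, response):
     token = AuthTicket(
-            getattr(settings, 'SHARED_SECRET', 'sharedsecret'),
+            shared_secret(),
             user.accountid,
             remote_ip,
@@ -146,11 +129,5 @@
     return response
 
-def _encode_authenticated_response(request, response, redirect_to, user):
-    #def_r = _get_path_to_host(request)
-    #remote_url = request.session.get('r', def_r)
-
-    #if not redirect_to:
-    #    raise DJSException('Missing url where redirect logged in user')
-
+def _encode_authenticated_response(request, response, redirect_to, user):
     remote_ip = _calculate_remote_ip(redirect_to)
     LOGGER.info("responding to remote_ip: %s" % (remote_ip))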
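Review bot: `shared_secret()` at new line 118 of `_generate_auth_cookie` replaces a lookup that defaulted to the literal `'sharedsecret'`, and the helper's definition is not among the visible hunks, so it cannot be confirmed here that the built-in default is gone. If the helper still falls back to a fixed value, a deployment that omits SHARED_SECRET signs every auth ticket with a key that is readable in the source. The helper should fail closed, for example `raise ImproperlyConfigured('SHARED_SECRET is not set')`, and the README should list the setting as required. `_generate_auth_cookie` continues outside the hunk.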