From 898cfe8212a5940dba6552196ddd243f912b5942 Mon Sep 17 00:00:00 2001
From: Tomas Jelinek <tojeline@redhat.com>
Date: Tue, 11 Feb 2020 10:18:33 +0100
Subject: [PATCH 5/7] daemon: fix cookie options
---
pcs/daemon/app/session.py | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/pcs/daemon/app/session.py b/pcs/daemon/app/session.py
index b4d29add..dcbb4c23 100644
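--- a/pcs/daemon/app/session.py
+++ b/pcs/daemon/app/session.py
@@ -4,10 +4,16 @@ from pcs.daemon.auth import check_user_groups, authorize_user
 PCSD_SESSION = "pcsd.sid"
 
 class Mixin:
- __session = None
 """
 Mixin for tornado.web.RequestHandler
 """
+
+ __session = None
+ __cookie_options = {
+ "secure": True,
+ "httponly": True,
+ }
+
 def initialize(self, session_storage: Storage):
 self.__storage = session_storage
 
@@ -63,7 +69,7 @@ class Mixin:
 """
 Write the session id into a response cookie.
 """
- self.set_cookie(PCSD_SESSION, self.session.sid)
+ self.set_cookie(PCSD_SESSION, self.session.sid, **self.__cookie_options)
 
 def put_request_cookies_sid_to_response_cookies_sid(self):
 """
@@ -73,7 +79,9 @@ class Mixin:
 #TODO this method should exist temporarily (for sinatra compatibility)
 #pylint: disable=invalid-name
 if self.__sid_from_client is not None:
- self.set_cookie(PCSD_SESSION, self.__sid_from_client)
+ self.set_cookie(
+ PCSD_SESSION, self.__sid_from_client, **self.__cookie_options
+ )
 
 def was_sid_in_request_cookies(self):
 return self.__sid_from_client is not None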
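Review bot: The new `__cookie_options` dict in the first hunk sets only `secure` and `httponly`, so the `pcsd.sid` session cookie carries no SameSite attribute and its cross-site behaviour is left to browser defaults. Consider adding `"samesite": "Lax",` to the dict; Tornado passes extra keyword arguments through to the cookie morsel, which accepts `samesite` only on Python 3.8 and later, so this depends on the interpreter versions pcs supports. The dict is also a mutable class attribute shared by every handler that uses the mixin, and a comment such as `# shared by all handlers; never mutate per request` would make that explicit. In the third hunk, `put_request_cookies_sid_to_response_cookies_sid` writes the client-supplied sid back into the response cookie. Whether that value is validated first cannot be seen here, because the method body and the rest of `Mixin` lie outside the hunks.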
--
2.21.1