Projet

Général

Profil

0001-multitenant-use-unique-name-for-authentic-opened-ses.patch

Frédéric Péters, 01 juin 2019 20:04

Télécharger (1,4 ko)

Voir les différences: 

Subject: [PATCH] multitenant: use unique name for authentic opened session
 cookie (#33603)


 hobo/multitenant/settings_loaders.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
hobo/multitenant/settings_loaders.py
274 274 
        domain_hash = hashlib.md5(smart_bytes(tenant.domain_url)).hexdigest()[:6]
275 275 
        tenant_settings.CSRF_COOKIE_NAME = 'csrftoken-%s' % domain_hash
276 276 
        tenant_settings.SESSION_COOKIE_NAME = 'sessionid-%s' % domain_hash
277 

  		




  
  277
  
    
        # unique but common name for authentic opened session cookie name

  		




  
  278
  
    
        if getattr(tenant_settings, 'TEMPLATE_VARS', None):

  		




  
  279
  
    
            idp_url = tenant_settings.TEMPLATE_VARS.get('idp_url')

  		




  
  280
  
    
            if idp_url:

  		




  
  281
  
    
                idp_hash = hashlib.md5(smart_bytes(idp_url)).hexdigest()[:6]

  		




  
  282
  
    
                cookie_name = 'a2-opened-session-%s' % idp_hash

  		




  
  283
  
    
                tenant_settings.A2_OPENED_SESSION_COOKIE_NAME = cookie_name

  		




  
  284
  
    
                tenant_settings.MELLON_OPENED_SESSION_COOKIE_NAME = cookie_name

  		




  278
  285
  
    

  		




  279
  286
  
    
#

  		




  280
  287
  
    
# Specific loaders

  		




  281
  
  
    
-