couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject [2/2] git commit: Allow persistent cookies
Date Fri, 20 Jan 2012 12:02:06 GMT
Allow persistent cookies

COUCHDB-1304


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/5579fecf
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/5579fecf
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/5579fecf

Branch: refs/heads/1.2.x
Commit: 5579fecffcb7705af5e0b8f2954e81c92be5fa57
Parents: c65cca6
Author: Robert Newson <rnewson@apache.org>
Authored: Thu Jan 19 13:31:52 2012 +0000
Committer: Robert Newson <rnewson@apache.org>
Committed: Fri Jan 20 12:00:57 2012 +0000

----------------------------------------------------------------------
 CHANGES                          |    3 +++
 NEWS                             |    1 +
 etc/couchdb/default.ini.tpl.in   |    1 +
 src/couchdb/couch_httpd_auth.erl |   12 +++++++++++-
 4 files changed, 16 insertions(+), 1 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/CHANGES
----------------------------------------------------------------------
diff --git a/CHANGES b/CHANGES
index 5a8f94a..bbce5d3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -20,6 +20,9 @@ Authentication:
    longer publicly readable.
  * Password hashes are now calculated by CouchDB. Clients are no
    longer required to do this manually.
+ * Cookies used for authentication can be made persistent by enabling
+   the .ini configuration key `allow_persistent_cookies' in the
+   `couch_httpd_auth` section.
 
 Build System:
 

http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/NEWS
----------------------------------------------------------------------
diff --git a/NEWS b/NEWS
index 244ce9b..72a8bc6 100644
--- a/NEWS
+++ b/NEWS
@@ -44,6 +44,7 @@ This version has not been released yet.
    be read by everyone.
  * Password hashes are now calculated by CouchDB instead of the
    client.
+ * Allow persistent authentication cookies.
 
 Version 1.1.2
 -------------

http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/etc/couchdb/default.ini.tpl.in
----------------------------------------------------------------------
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
index 380e0c6..9c9d371 100644
--- a/etc/couchdb/default.ini.tpl.in
+++ b/etc/couchdb/default.ini.tpl.in
@@ -57,6 +57,7 @@ authentication_redirect = /_utils/session.html
 require_valid_user = false
 timeout = 600 ; number of seconds before automatic logout
 auth_cache_size = 50 ; size is number of cache entries
+allow_persistent_cookies = false ; set to true to allow persistent cookies
 
 [couch_httpd_oauth]
 ; If set to 'true', oauth token and consumer secrets will be looked up

http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/src/couchdb/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 43e8378..a3ee4f4 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -232,7 +232,7 @@ cookie_auth_cookie(Req, User, Secret, TimeStamp) ->
     Hash = crypto:sha_mac(Secret, SessionData),
     mochiweb_cookies:cookie("AuthSession",
         couch_util:encodeBase64Url(SessionData ++ ":" ++ ?b2l(Hash)),
-        [{path, "/"}] ++ cookie_scheme(Req)).
+        [{path, "/"}] ++ cookie_scheme(Req) ++ max_age()).
 
 hash_password(Password, Salt) ->
     ?l2b(couch_util:to_hex(crypto:sha(<<Password/binary, Salt/binary>>))).
@@ -352,3 +352,13 @@ cookie_scheme(#httpd{mochi_req=MochiReq}) ->
         http -> [];
         https -> [{secure, true}]
     end.
+
+max_age() ->
+    case couch_config:get("couch_httpd_auth", "allow_persistent_cookies", "false") of
+        "false" ->
+            [];
+        "true" ->
+            Timeout = list_to_integer(
+                couch_config:get("couch_httpd_auth", "timeout", "600")),
+            [{max_age, Timeout}]
+    end.


Mime
View raw message