author | Robert Newson <rnewson@apache.org> | 2012-01-19 13:31:52 +0000 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2012-01-20 12:01:49 +0000 |
commit | da33e344705cda3f205e278cfb278513e7a7c03d (patch) | |
tree | c8bbde4d3bde704ac29a7c21db094c587403c697 | |
parent | ca51333f379204771fa225e21d110b3488c74ca5 (diff) | |
Allow persistent cookies
COUCHDB-1304
-rw-r--r-- | CHANGES | 3 | ||||
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | etc/couchdb/default.ini.tpl.in | 1 | ||||
-rw-r--r-- | src/couchdb/couch_httpd_auth.erl | 12 |
4 files changed, 16 insertions, 1 deletions
@@ -36,6 +36,9 @@ Authentication:
 By default this is disabled (secrets are stored in the .ini) but can be enabled via the .ini configuration key `use_users_db` in the `couch_httpd_oauth` section.
+ * Cookies used for authentication can be made persistent by enabling
+ the .ini configuration key `allow_persistent_cookies' in the
+ `couch_httpd_auth` section.
 Build System:
@@ -50,6 +50,7 @@ This version has not been released yet.
 a filter. It affected continuous pull replications with a filter.
 * Fix use of OAuth with VHosts and URL rewriting.
 * OAuth secrets can now be stored in the users system database.
+ * Allow persistent authentication cookies.
 Version 1.1.2
 -------------
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
index ef6bf975c..cebf24267 100644
--- a/etc/couchdb/default.ini.tpl.in
+++ b/etc/couchdb/default.ini.tpl.in
@@ -64,6 +64,7 @@ authentication_redirect = /_utils/session.html
 require_valid_user = false
 timeout = 600 ; number of seconds before automatic logout
 auth_cache_size = 50 ; size is number of cache entries
+allow_persistent_cookies = false ; set to true to allow persistent cookies
 [couch_httpd_oauth]
 ; If set to 'true', oauth token and consumer secrets will be looked up
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index bdfc15fa6..c09823cc8 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -232,7 +232,7 @@ cookie_auth_cookie(Req, User, Secret, TimeStamp) ->
 Hash = crypto:sha_mac(Secret, SessionData),
 mochiweb_cookies:cookie("AuthSession",
 couch_util:encodeBase64Url(SessionData ++ ":" ++ ?b2l(Hash)),
- [{path, "/"}] ++ cookie_scheme(Req)).
+ [{path, "/"}] ++ cookie_scheme(Req) ++ max_age()).
 hash_password(Password, Salt) ->
 ?l2b(couch_util:to_hex(crypto:sha(<<Password/binary, Salt/binary>>))).
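Review bot: The comment on the new `allow_persistent_cookies` line does not tell an operator what enabling it changes or how long the cookie then lives. Going by the max_age/0 function this commit adds to couch_httpd_auth.erl, the AuthSession cookie gets a Max-Age equal to `timeout`, so the browser keeps the session token across restarts instead of discarding it on close, which matters on shared machines. I would spell that out, for example `allow_persistent_cookies = false ; true adds Max-Age = timeout to the AuthSession cookie, so it survives a browser restart`.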
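Review bot: With `max_age()` appended on the changed line of cookie_auth_cookie/4, the AuthSession token can sit in the browser's cookie store for the whole timeout, yet every other attribute still comes from cookie_scheme/1, whose clauses visible in the next hunk add only `{secure, true}` on https. If cookie_scheme/1 does not already set it in the lines above that hunk, I would add `{http_only, true}` so page scripts cannot read the persisted token: `[{path, "/"}, {http_only, true}] ++ cookie_scheme(Req) ++ max_age()).`. Over plain http the persisted cookie is also sent without Secure, which deserves a sentence in the documentation of this option. The body of cookie_auth_cookie/4 starts above the hunk, so how SessionData is built is not visible here.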
@@ -358,3 +358,13 @@ cookie_scheme(#httpd{mochi_req=MochiReq}) ->
 http -> [];
 https -> [{secure, true}]
 end.
+
+max_age() ->
+ case couch_config:get("couch_httpd_auth", "allow_persistent_cookies", "false") of
+ "false" ->
+ [];
+ "true" ->
+ Timeout = list_to_integer(
+ couch_config:get("couch_httpd_auth", "timeout", "600")),
+ [{max_age, Timeout}]
+ end. |
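Review bot: The `case` in max_age/0 matches only the exact strings `"false"` and `"true"`, so any other value of `allow_persistent_cookies` (for instance `True` or `yes`) raises case_clause each time a cookie is built, which presumably turns every login into an error. Since this is a security toggle, I would make anything other than `"true"` fall back to the non-persistent default by adding a final `_ -> []` clause after the `"true"` branch. `list_to_integer/1` will likewise raise badarg on a non-numeric `timeout`; if the rest of the module parses `timeout` the same way that is at least consistent. A one-line comment above max_age/0, such as `%% Max-Age mirrors the server-side session timeout; [] keeps a session cookie`, would record why the two values are tied together.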