Opened 15 years ago
Last modified 8 years ago
#8486 closed enhancement
make trac.web.auth.LoginModule cookie path configurable — at Initial Version
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | normal | Milestone: | 0.12 |
Component: | web frontend | Version: | 0.11.5rc2 |
Severity: | normal | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
Currently, the LoginModule
sets (and deletes) a cookie on req.base_path
:
req.outcookie['trac_auth'] = cookie req.outcookie['trac_auth']['path'] = req.base_path or '/'
def _expire_cookie(self, req): """Instruct the user agent to drop the auth cookie by setting the "expires" property to a date in the past. """ req.outcookie['trac_auth'] = '' req.outcookie['trac_auth']['path'] = req.base_path or '/' req.outcookie['trac_auth']['expires'] = -10000 if self.env.secure_cookies: req.outcookie['trac_auth']['secure'] = True
It would be nice for this to be configurable, so that, optionally the cookie path could be specified as an Option
with the current behavior being the fallback if the Option
is not set.
The reason I would like this is so that cookies can be parseable via multiple Trac environments on the same server, optionally. Currently, (in the soon to be released SharedCookieAuthPlugin) I work around this with a monkey-patch:
class GenericObject(object): def __init__(self, **kw): for key, item in kw.items(): setattr(self, key, item) def _do_login(self, req): kw = [ 'incookie', 'remote_user', 'authname', 'remote_addr', 'outcookie' ] kw = dict([ (i, getattr(req, i)) for i in kw ]) kw['base_path'] = '/' fake_req = GenericObject(**kw) auth_login_module_do_login(self, fake_req)