Added documentation and unit tests for wild_domain in AuthTkt.

2 files changed, 20 insertions, 0 deletions

diff --git a/pyramid/authentication.py b/pyramid/authentication.py
index 0a792edc9..d454e7f1d 100644
--- a/pyramid/authentication.py
+++ b/pyramid/authentication.py
@@ -243,6 +243,12 @@ class AuthTktAuthenticationPolicy(CallbackAuthenticationPolicy):
        Default: ``False``. Hide cookie from JavaScript by setting the
        HttpOnly flag. Not honored by all browsers.
        Optional.
+
+    ``wild_domain``
+
+       Default: ``True``. An auth_tkt cookie will be generated for the
+       wildcard domain.
+       Optional.
     """
     implements(IAuthenticationPolicy)
     def __init__(self,
diff --git a/pyramid/tests/test_authentication.py b/pyramid/tests/test_authentication.py
index 49d655466..d17966dd0 100644
--- a/pyramid/tests/test_authentication.py
+++ b/pyramid/tests/test_authentication.py
@@ -548,6 +548,20 @@ class TestAuthTktCookieHelper(unittest.TestCase):
         self.failUnless('; Secure' in result[2][1])
         self.failUnless(result[2][1].startswith('auth_tkt='))
 
+    def test_remember_wild_domain_disabled(self):
+        plugin = self._makeOne('secret', wild_domain=False)
+        request = self._makeRequest()
+        result = plugin.remember(request, 'other')
+        self.assertEqual(len(result), 2)
+
+        self.assertEqual(result[0][0], 'Set-Cookie')
+        self.assertTrue(result[0][1].endswith('; Path=/'))
+        self.failUnless(result[0][1].startswith('auth_tkt='))
+
+        self.assertEqual(result[1][0], 'Set-Cookie')
+        self.assertTrue(result[1][1].endswith('; Path=/; Domain=localhost'))
+        self.failUnless(result[1][1].startswith('auth_tkt='))
+
     def test_remember_string_userid(self):
         plugin = self._makeOne('secret')
         request = self._makeRequest()