| author | Michael Merickel <michael@merickel.org> | 2011-01-12 03:29:16 -0600 |
|---|---|---|
| committer | Michael Merickel <michael@merickel.org> | 2011-01-12 03:29:16 -0600 |
| commit | 77ded4452550e35a469e33bc336653f1d9deefc1 (patch) | |
| tree | 2bafded09339f34bef776ffffa7e0f11dcaef771 | |
| parent | a063aff1b0a9fe1f9d8c4a4baeade6453695f171 (diff) | |
Updated AuthTkt policy to support turning off wildcard domain cookies.
| -rw-r--r-- | pyramid/authentication.py | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/pyramid/authentication.py b/pyramid/authentication.py index 9de306b80..0a792edc9 100644 --- a/pyramid/authentication.py +++ b/pyramid/authentication.py @@ -256,6 +256,7 @@ class AuthTktAuthenticationPolicy(CallbackAuthenticationPolicy): max_age=None, path="/", http_only=False, + wild_domain=True, ): self.cookie = AuthTktCookieHelper( secret, @@ -267,6 +268,7 @@ class AuthTktAuthenticationPolicy(CallbackAuthenticationPolicy): max_age=max_age, http_only=http_only, path=path, + wild_domain=wild_domain, ) self.callback = callback @@ -316,7 +318,7 @@ class AuthTktCookieHelper(object): def __init__(self, secret, cookie_name='auth_tkt', secure=False, include_ip=False, timeout=None, reissue_time=None, - max_age=None, http_only=False, path="/"): + max_age=None, http_only=False, path="/", wild_domain=True): self.secret = secret self.cookie_name = cookie_name self.include_ip = include_ip @@ -329,6 +331,7 @@ class AuthTktCookieHelper(object): self.max_age = max_age self.http_only = http_only self.path = path + self.wild_domain = wild_domain static_flags = [] if self.secure: @@ -352,7 +355,6 @@ class AuthTktCookieHelper(object): max_age = '' cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME')) - wild_domain = '.' + cur_domain cookies = [ ('Set-Cookie', '%s="%s"; Path=%s%s%s' % ( @@ -360,11 +362,14 @@ class AuthTktCookieHelper(object): ('Set-Cookie', '%s="%s"; Path=%s; Domain=%s%s%s' % ( self.cookie_name, value, self.path, cur_domain, max_age, self.static_flags)), - ('Set-Cookie', '%s="%s"; Path=%s; Domain=%s%s%s' % ( - self.cookie_name, value, self.path, wild_domain, max_age, - self.static_flags)) ] + if self.wild_domain: + wild_domain = '.' + cur_domain + cookies.append(('Set-Cookie', '%s="%s"; Path=%s; Domain=%s%s%s' % ( + self.cookie_name, value, self.path, wild_domain, max_age, + self.static_flags))) + return cookies def identify(self, request): |
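Review bot: The new `wild_domain=True` keyword on `AuthTktAuthenticationPolicy.__init__` (first hunk) and on `AuthTktCookieHelper.__init__` (third hunk) is added without any documentation in this diff, and its default keeps the wider cookie scope. With the default, the ticket is still issued with `Domain=.<host>` as well, so every subdomain of the current host receives the authentication cookie. A deployment that shares a parent domain with less trusted subdomains has to know to pass `wild_domain=False`. I would add an argument entry to both class docstrings along the lines of `wild_domain: Default True. Also issue the auth_tkt cookie for the wildcard domain ('.' + current host); set to False to keep the ticket off sibling subdomains.` The docstrings lie outside these hunks, so their existing layout is assumed.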
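Review bot: In the last hunk the new `if self.wild_domain:` branch still builds the `Domain=` attribute as `'.' + cur_domain`, and `cur_domain` is read unmodified from `HTTP_HOST` (context of the previous hunk), a client-supplied header that may carry a port. Neither the moved code nor the unchanged `Domain=%s` entry above it normalises that value before formatting it into `Set-Cookie`. I would strip the port right after the lookup, for example `if ':' in cur_domain: cur_domain = cur_domain.split(':', 1)[0]`, and consider checking the host against the names the application is configured to serve. Separately, if this method also produces the expiring cookies used at logout (its `def` line is outside the hunk, so that is an assumption), switching `wild_domain` to `False` on a live site would leave previously issued wildcard-domain tickets uncleared in browsers; a comment next to the branch should say so.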
