From 62808152eecf4fd5da659e1785b64460e9775a7f Mon Sep 17 00:00:00 2001
From: Alexandre Aubin
Date: Sun, 26 Dec 2021 16:31:05 +0100
Subject: [PATCH] Cookie handling for the new portal API
---
 src/app.py | 3 +++
 src/authenticators/ldap_ynhuser.py | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/app.py b/src/app.py
index 27cf7caec..9db7a4e4e 100644
--- a/src/app.py
+++ b/src/app.py
@@ -1323,6 +1323,7 @@ def app_ssowatconf():
 "public": True,
 "uris": [domain + "/yunohost/admin" for domain in domains]
 + [domain + "/yunohost/api" for domain in domains]
+ + [domain + "/yunohost/portalapi" for domain in domains]
 + [
 "re:^[^/]*/%.well%-known/ynh%-diagnosis/.*$",
 "re:^[^/]*/%.well%-known/acme%-challenge/.*$",
@@ -1368,6 +1369,8 @@ def app_ssowatconf():
 }
 conf_dict = {
+ "cookie_secret_file": "/etc/yunohost/.ssowat_cookie_secret",
+ "cookie_name": "yunohost.portal",
 "portal_domain": main_domain,
 "portal_path": "/yunohost/sso/",
 "additional_headers": {
diff --git a/src/authenticators/ldap_ynhuser.py b/src/authenticators/ldap_ynhuser.py
index 28b8c49fd..0e51d1925 100644
--- a/src/authenticators/ldap_ynhuser.py
+++ b/src/authenticators/ldap_ynhuser.py
@@ -11,7 +11,9 @@ from moulinette.authentication import BaseAuthenticator
 from moulinette.utils.text import random_ascii
 from yunohost.utils.error import YunohostError, YunohostAuthenticationError
-session_secret = random_ascii()
+# FIXME : we shall generate this somewhere if it doesnt exists yet
+# FIXME : fix permissions
+session_secret = open("/etc/yunohost/.ssowat_cookie_secret").read()
 logger = logging.getLogger("yunohostportal.authenticators.ldap_ynhuser")
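Review bot: The added `/yunohost/portalapi` entry sits in a block whose visible context carries `"public": True`, so as far as this hunk shows SSOwat will let every request under that prefix through without its own authentication check, leaving the portal API solely responsible for validating the session on each route. That trust boundary deserves a comment on the added line, for example `# portalapi authenticates requests itself; SSOwat must not gate it`. The entry is a bare prefix without a trailing slash, like its `/yunohost/api` neighbour, so sibling paths that merely start with the same string presumably match as well; worth confirming that this is intended. The enclosing dict begins and ends outside the hunk.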
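Review bot: The secret path `/etc/yunohost/.ssowat_cookie_secret` is a string literal in `conf_dict` and is repeated verbatim in the third hunk (src/authenticators/ldap_ynhuser.py), so the SSOwat configuration and the authenticator can drift apart without any error when the configuration is written. Define it once, e.g. `SSOWAT_COOKIE_SECRET_FILE = "/etc/yunohost/.ssowat_cookie_secret"` in a shared module, and reference the constant from both places. Nothing visible in this patch creates the file, so on a host where it does not exist the generated configuration points at a missing secret; a short comment next to the key saying so would help until the generation step lands. `conf_dict` continues past the end of the hunk.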
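Review bot: `session_secret = open("/etc/yunohost/.ssowat_cookie_secret").read()` silently accepts an empty or whitespace-only file as the secret, which (presumably, given the name) would leave session cookies protected by a known value. The two FIXMEs cover generation and permissions but not this case, and the file handle is never closed. Loading through a small helper that uses `with` and fails closed on an empty value would address both; a missing file still aborts the import until the generation FIXME is resolved. Whether a trailing newline is part of the secret has to match whatever reads `cookie_secret_file` on the SSOwat side, so the sketch below deliberately does not strip it. The file should be created owner-only by whichever code ends up generating it, before this module is first imported.

```python
SESSION_SECRET_FILE = "/etc/yunohost/.ssowat_cookie_secret"


def _read_session_secret(path=SESSION_SECRET_FILE):
    # Fail closed: an empty secret must never reach the cookie code
    with open(path) as f:
        secret = f.read()
    if not secret.strip():
        raise YunohostError(f"Session secret file {path} is empty", raw_msg=True)
    return secret


session_secret = _read_session_secret()
```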