Allow persistent cookies COUCHDB-1304
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/da33e344 Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/da33e344 Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/da33e344 Branch: refs/heads/COUCHDB-1342 Commit: da33e344705cda3f205e278cfb278513e7a7c03d Parents: ca51333 Author: Robert Newson <rnew...@apache.org> Authored: Thu Jan 19 13:31:52 2012 +0000 Committer: Robert Newson <rnew...@apache.org> Committed: Fri Jan 20 12:01:49 2012 +0000 ---------------------------------------------------------------------- CHANGES | 3 +++ NEWS | 1 + etc/couchdb/default.ini.tpl.in | 1 + src/couchdb/couch_httpd_auth.erl | 12 +++++++++++- 4 files changed, 16 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/da33e344/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index c3492dd..17d1ce1 100644 --- a/CHANGES +++ b/CHANGES @@ -36,6 +36,9 @@ Authentication: By default this is disabled (secrets are stored in the .ini) but can be enabled via the .ini configuration key `use_users_db` in the `couch_httpd_oauth` section. + * Cookies used for authentication can be made persistent by enabling + the .ini configuration key `allow_persistent_cookies' in the + `couch_httpd_auth` section. Build System: http://git-wip-us.apache.org/repos/asf/couchdb/blob/da33e344/NEWS ---------------------------------------------------------------------- diff --git a/NEWS b/NEWS index c020912..458f7cd 100644 --- a/NEWS +++ b/NEWS 
@@ -50,6 +50,7 @@ This version has not been released yet. a filter. It affected continuous pull replications with a filter. * Fix use of OAuth with VHosts and URL rewriting. * OAuth secrets can now be stored in the users system database. + * Allow persistent authentication cookies. Version 1.1.2 ------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/da33e344/etc/couchdb/default.ini.tpl.in ---------------------------------------------------------------------- diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in index ef6bf97..cebf242 100644 --- a/etc/couchdb/default.ini.tpl.in +++ b/etc/couchdb/default.ini.tpl.in @@ -64,6 +64,7 @@ authentication_redirect = /_utils/session.html require_valid_user = false timeout = 600 ; number of seconds before automatic logout auth_cache_size = 50 ; size is number of cache entries +allow_persistent_cookies = false ; set to true to allow persistent cookies [couch_httpd_oauth] ; If set to 'true', oauth token and consumer secrets will be looked up http://git-wip-us.apache.org/repos/asf/couchdb/blob/da33e344/src/couchdb/couch_httpd_auth.erl ---------------------------------------------------------------------- diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl index bdfc15f..c09823c 100644 --- a/src/couchdb/couch_httpd_auth.erl +++ b/src/couchdb/couch_httpd_auth.erl @@ -232,7 +232,7 @@ cookie_auth_cookie(Req, User, Secret, TimeStamp) -> Hash = crypto:sha_mac(Secret, SessionData), mochiweb_cookies:cookie("AuthSession", couch_util:encodeBase64Url(SessionData ++ ":" ++ ?b2l(Hash)), - [{path, "/"}] ++ cookie_scheme(Req)). + [{path, "/"}] ++ cookie_scheme(Req) ++ max_age()). hash_password(Password, Salt) -> ?l2b(couch_util:to_hex(crypto:sha(<<Password/binary, Salt/binary>>))). 
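Review bot: The option list in cookie_auth_cookie still sets no HttpOnly attribute, and once `max_age()` is appended the AuthSession value is kept in the browser's persistent cookie store for the whole `timeout` instead of being dropped when the browser closes. That widens the window in which a script-readable or locally recoverable token can be replayed. I would harden the list in the same change, e.g. `[{path, "/"}, {http_only, true}] ++ cookie_scheme(Req) ++ max_age()).`, after confirming that the bundled mochiweb_cookies accepts `http_only` and that no client script reads the cookie. As the second hunk shows, cookie_scheme/1 adds `{secure, true}` only for https requests, so over plain http the persistent cookie travels in clear for its lifetime; a comment next to the `allow_persistent_cookies` ini key should say so. The start of cookie_auth_cookie, where SessionData is built, is outside the hunk.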
@@ -358,3 +358,13 @@ cookie_scheme(#httpd{mochi_req=MochiReq}) ->
 http -> [];
 https -> [{secure, true}]
 end.
+
+max_age() ->
+ case couch_config:get("couch_httpd_auth", "allow_persistent_cookies", "false") of
+ "false" ->
+ [];
+ "true" ->
+ Timeout = list_to_integer(
+ couch_config:get("couch_httpd_auth", "timeout", "600")),
+ [{max_age, Timeout}]
+ end.
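Review bot: max_age/0 matches the operator-supplied ini value against exactly `"false"` and `"true"`, so any other spelling (`"True"`, `"yes"`, trailing whitespace) raises case_clause inside cookie_auth_cookie and every cookie login fails until the config is corrected. Falling back to a session cookie is the safer default: put the `"true"` clause first and end with a catch-all `_ -> []` in place of the `"false"` clause. The same applies to `list_to_integer/1` on a non-numeric `timeout`, which raises badarg here; how that key is validated elsewhere in the module is not visible from this hunk. The function also deserves a short comment, for example `%% Returns [{max_age, Timeout}] when allow_persistent_cookies is "true", otherwise [] (session cookie); Timeout is the couch_httpd_auth timeout in seconds.`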