Allow persistent cookies COUCHDB-1304
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/5579fecf Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/5579fecf Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/5579fecf Branch: refs/heads/1.2.x Commit: 5579fecffcb7705af5e0b8f2954e81c92be5fa57 Parents: c65cca6 Author: Robert Newson <[email protected]> Authored: Thu Jan 19 13:31:52 2012 +0000 Committer: Robert Newson <[email protected]> Committed: Fri Jan 20 12:00:57 2012 +0000 ---------------------------------------------------------------------- CHANGES | 3 +++ NEWS | 1 + etc/couchdb/default.ini.tpl.in | 1 + src/couchdb/couch_httpd_auth.erl | 12 +++++++++++- 4 files changed, 16 insertions(+), 1 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 5a8f94a..bbce5d3 100644 --- a/CHANGES +++ b/CHANGES @@ -20,6 +20,9 @@ Authentication: longer publicly readable. * Password hashes are now calculated by CouchDB. Clients are no longer required to do this manually. + * Cookies used for authentication can be made persistent by enabling + the .ini configuration key `allow_persistent_cookies' in the + `couch_httpd_auth` section. Build System: http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/NEWS ---------------------------------------------------------------------- diff --git a/NEWS b/NEWS index 244ce9b..72a8bc6 100644 --- a/NEWS +++ b/NEWS 
@@ -44,6 +44,7 @@ This version has not been released yet. be read by everyone. * Password hashes are now calculated by CouchDB instead of the client. + * Allow persistent authentication cookies. Version 1.1.2 ------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/etc/couchdb/default.ini.tpl.in ---------------------------------------------------------------------- diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in index 380e0c6..9c9d371 100644 --- a/etc/couchdb/default.ini.tpl.in +++ b/etc/couchdb/default.ini.tpl.in @@ -57,6 +57,7 @@ authentication_redirect = /_utils/session.html require_valid_user = false timeout = 600 ; number of seconds before automatic logout auth_cache_size = 50 ; size is number of cache entries +allow_persistent_cookies = false ; set to true to allow persistent cookies [couch_httpd_oauth] ; If set to 'true', oauth token and consumer secrets will be looked up http://git-wip-us.apache.org/repos/asf/couchdb/blob/5579fecf/src/couchdb/couch_httpd_auth.erl ---------------------------------------------------------------------- diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl index 43e8378..a3ee4f4 100644 --- a/src/couchdb/couch_httpd_auth.erl +++ b/src/couchdb/couch_httpd_auth.erl @@ -232,7 +232,7 @@ cookie_auth_cookie(Req, User, Secret, TimeStamp) -> Hash = crypto:sha_mac(Secret, SessionData), mochiweb_cookies:cookie("AuthSession", couch_util:encodeBase64Url(SessionData ++ ":" ++ ?b2l(Hash)), - [{path, "/"}] ++ cookie_scheme(Req)). + [{path, "/"}] ++ cookie_scheme(Req) ++ max_age()). hash_password(Password, Salt) -> ?l2b(couch_util:to_hex(crypto:sha(<<Password/binary, Salt/binary>>))). 
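Review bot: The option list in cookie_auth_cookie, `[{path, "/"}] ++ cookie_scheme(Req) ++ max_age()`, still sets no HttpOnly attribute. The visible cookie_scheme clauses add only `{secure, true}` on https, and max_age/0 adds only `{max_age, Timeout}`. This matters more once the cookie can be persistent, because the signed AuthSession value is then kept in the browser's cookie store across restarts and stays readable by page script for the whole timeout. If the bundled mochiweb_cookies accepts the option, I would write `[{path, "/"}, {http_only, true}] ++ cookie_scheme(Req) ++ max_age()`. The function head and the SessionData binding lie above the hunk, so this is based only on the lines shown.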
@@ -352,3 +352,13 @@ cookie_scheme(#httpd{mochi_req=MochiReq}) ->
 http -> [];
 https -> [{secure, true}]
 end.
+
+max_age() ->
+ case couch_config:get("couch_httpd_auth", "allow_persistent_cookies", "false") of
+ "false" ->
+ [];
+ "true" ->
+ Timeout = list_to_integer(
+ couch_config:get("couch_httpd_auth", "timeout", "600")),
+ [{max_age, Timeout}]
+ end.
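Review bot: The `case` in max_age/0 has clauses only for the exact strings "false" and "true", so any other operator-supplied value (for example "True" or "yes") raises case_clause each time an AuthSession cookie is built. I would keep the `"true" ->` clause and replace `"false" ->` with `_ ->`, so that a mistyped value falls back to the non-persistent session cookie instead of breaking cookie issuance. The `list_to_integer` call on the `timeout` value likewise raises badarg on a non-numeric setting; that may already hold wherever else the timeout is parsed, which this hunk does not show. A short comment above the function would also help, e.g. `%% Max-Age is taken from the session timeout, so the browser keeps the cookie no longer than that interval.`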
