Hmm cookies only get an expiration header if allow_persistent is enabled and
it's not by default.
```
$curl -c /tmp/cdb.cookies -H 'Content-Type: application/x-www-form-urlencoded'
-v -XPOST $DB/_session -d 'name=adm&password=pass'
```
```
rpc:multicall(config, set, ["couch_httpd_auth", "allow_persistent_cookies",
"true"]).
```
```
* upload completely sent off: 22 out of 22 bytes
< HTTP/1.1 200 OK
< Cache-Control: must-revalidate
< Content-Length: 44
< Content-Type: application/json
< Date: Tue, 02 Oct 2018 15:22:26 GMT
< Server: CouchDB/2.2.0-581c2fa6a (Erlang OTP/20)
* Added cookie AuthSession="YWRtOjVCQjM4RDMyOnYWLJijs4Uc5Aaj84GjZtLsNz9X" for
domain 127.0.0.1, path /, expire 0
< Set-Cookie: AuthSession=YWRtOjVCQjM4RDMyOnYWLJijs4Uc5Aaj84GjZtLsNz9X;
Version=1; Path=/; HttpOnly
<
{"ok":true,"name":"adm","roles":["_admin"]}
```
```
rpc:multicall(config, set, ["couch_httpd_auth", "allow_persistent_cookies",
"true"]).
```
```
* upload completely sent off: 22 out of 22 bytes
< HTTP/1.1 200 OK
< Cache-Control: must-revalidate
< Content-Length: 44
< Content-Type: application/json
< Date: Tue, 02 Oct 2018 15:23:46 GMT
< Server: CouchDB/2.2.0-581c2fa6a (Erlang OTP/20)
* Added cookie AuthSession="YWRtOjVCQjM4RDgyOr7-XxqhgZhHnfWQWY365LpeytTU" for
domain 127.0.0.1, path /, expire 1538494426
< Set-Cookie: AuthSession=YWRtOjVCQjM4RDgyOr7-XxqhgZhHnfWQWY365LpeytTU;
Version=1; Expires=Tue, 02-Oct-2018 15:33:46 GMT; Max-Age=600; Path=/; HttpOnly
<
{"ok":true,"name":"adm","roles":["_admin"]}
```
Hmm maybe allow_persistent should be true by default...?
[ Full content available at: https://github.com/apache/couchdb/pull/1619 ]
This message was relayed via gitbox.apache.org for [email protected]
