From ca34523e99c6df0fdaed086372f15df2da978aa8 Mon Sep 17 00:00:00 2001 From: Antony Chazapis Date: Thu, 23 Feb 2012 13:22:59 +0200 Subject: [PATCH] Use option for secure cookie. Refs #2069 --- astakos/im/settings.py | 1 + astakos/im/util.py | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/astakos/im/settings.py b/astakos/im/settings.py index 9a7cd25..ee5d835 100644 --- a/astakos/im/settings.py +++ b/astakos/im/settings.py @@ -37,6 +37,7 @@ INVITATIONS_ENABLED = getattr(settings, 'ASTAKOS_INVITATIONS_ENABLED', True) COOKIE_NAME = getattr(settings, 'ASTAKOS_COOKIE_NAME', '_pithos2_a') COOKIE_DOMAIN = getattr(settings, 'ASTAKOS_COOKIE_DOMAIN', None) +COOKIE_SECURE = getattr(settings, 'ASTAKOS_COOKIE_SECURE', True) IM_STATIC_URL = getattr(settings, 'ASTAKOS_IM_STATIC_URL', '/im/static/im/') diff --git a/astakos/im/util.py b/astakos/im/util.py index 9954d9d..285f460 100644 --- a/astakos/im/util.py +++ b/astakos/im/util.py @@ -47,7 +47,7 @@ from django.contrib.auth import login, authenticate from django.core.urlresolvers import reverse from astakos.im.models import AstakosUser, Invitation -from astakos.im.settings import INVITATIONS_PER_LEVEL, COOKIE_NAME, COOKIE_DOMAIN, FORCE_PROFILE_UPDATE +from astakos.im.settings import INVITATIONS_PER_LEVEL, COOKIE_NAME, COOKIE_DOMAIN, COOKIE_SECURE, FORCE_PROFILE_UPDATE logger = logging.getLogger(__name__) @@ -160,4 +160,4 @@ def set_cookie(response, user): cookie_value = quote(user.email + '|' + user.auth_token) response.set_cookie(COOKIE_NAME, value=cookie_value, expires=expire_fmt, path='/', - domain=COOKIE_DOMAIN) \ No newline at end of file + domain=COOKIE_DOMAIN, secure=COOKIE_SECURE) -- 1.7.10.4