add setting for the LTPA cookie duration
This commit is contained in:
parent
89ba684641
commit
7cf177daf8
|
@ -2,6 +2,7 @@ class AppSettings(object):
|
||||||
__DEFAULTS = {
|
__DEFAULTS = {
|
||||||
'USE_MIDDLEWARE': True,
|
'USE_MIDDLEWARE': True,
|
||||||
'TOKEN_DURATION': 8*3600,
|
'TOKEN_DURATION': 8*3600,
|
||||||
|
'COOKIE_DURATION': 8*3600,
|
||||||
'TOKEN_SECRET': None,
|
'TOKEN_SECRET': None,
|
||||||
'TOKEN_USERNAME_ATTRIBUTE': None,
|
'TOKEN_USERNAME_ATTRIBUTE': None,
|
||||||
'COOKIE_NAME': 'LtpaToken',
|
'COOKIE_NAME': 'LtpaToken',
|
||||||
|
@ -17,6 +18,12 @@ class AppSettings(object):
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
return getattr(settings, self.prefix + name, dflt)
|
return getattr(settings, self.prefix + name, dflt)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def COOKIE_DURATION(self):
|
||||||
|
from django.conf import settings
|
||||||
|
default = getattr(settings, 'SESSION_COOKIE_AGE', None)
|
||||||
|
return self._setting('COOKIE_DURATION', default)
|
||||||
|
|
||||||
def __getattr__(self, name):
|
def __getattr__(self, name):
|
||||||
if name not in self.__DEFAULTS:
|
if name not in self.__DEFAULTS:
|
||||||
raise AttributeError(name)
|
raise AttributeError(name)
|
||||||
|
|
|
@ -21,8 +21,10 @@ def add_ltpa_token_to_response(request, response):
|
||||||
duration=app_settings.TOKEN_DURATION)
|
duration=app_settings.TOKEN_DURATION)
|
||||||
domain = app_settings.COOKIE_DOMAIN or \
|
domain = app_settings.COOKIE_DOMAIN or \
|
||||||
request.META['HTTP_HOST'].split(':')[0]
|
request.META['HTTP_HOST'].split(':')[0]
|
||||||
|
max_age = app_settings.COOKIE_DURATION or None
|
||||||
response.set_cookie(app_settings.COOKIE_NAME, token, domain=domain,
|
response.set_cookie(app_settings.COOKIE_NAME, token, domain=domain,
|
||||||
httponly=app_settings.COOKIE_HTTP_ONLY)
|
httponly=app_settings.COOKIE_HTTP_ONLY,
|
||||||
|
max_age=max_age)
|
||||||
request.session['ltpa'] = True
|
request.session['ltpa'] = True
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
|
|
Reference in New Issue