multitenant: use unique name for authentic opened session cookie (#33603)
This commit is contained in:
parent
76ce7c38f3
commit
e70d32b5a6
|
@ -274,7 +274,14 @@ class CookieNames(object):
|
|||
domain_hash = hashlib.md5(smart_bytes(tenant.domain_url)).hexdigest()[:6]
|
||||
tenant_settings.CSRF_COOKIE_NAME = 'csrftoken-%s' % domain_hash
|
||||
tenant_settings.SESSION_COOKIE_NAME = 'sessionid-%s' % domain_hash
|
||||
|
||||
# unique but common name for authentic opened session cookie name
|
||||
if getattr(tenant_settings, 'TEMPLATE_VARS', None):
|
||||
idp_url = tenant_settings.TEMPLATE_VARS.get('idp_url')
|
||||
if idp_url:
|
||||
idp_hash = hashlib.md5(smart_bytes(idp_url)).hexdigest()[:6]
|
||||
cookie_name = 'a2-opened-session-%s' % idp_hash
|
||||
tenant_settings.A2_OPENED_SESSION_COOKIE_NAME = cookie_name
|
||||
tenant_settings.MELLON_OPENED_SESSION_COOKIE_NAME = cookie_name
|
||||
|
||||
#
|
||||
# Specific loaders
|
||||
|
|
Loading…
Reference in New Issue