Bug #787: Avoid cookie collisions among oZones and Sunstone sessions

2025-03-16 22:50:10 +03:00 · 2011-09-02 12:53:16 +02:00 · 2011-09-02 12:53:16 +02:00 · e765a046c5
commit e765a046c5
parent db784373db
4 changed files with 30 additions and 18 deletions
--- a/src/ozones/Server/ozones-server.rb
+++ b/src/ozones/Server/ozones-server.rb
@ -102,7 +102,7 @@ ADMIN_PASS = @auth.password
 ##############################################################################
 # Sinatra Configuration
 ##############################################################################
-use Rack::Session::Pool
+use Rack::Session::Pool, :key => 'ozones'
 set :host, config[:host]
 set :port, config[:port]
 set :show_exceptions, false
@ -190,7 +190,7 @@ get '/' do
                      '/templates/login.html') unless authorized?

    time = Time.now + 60
-    response.set_cookie("one-user",
+    response.set_cookie("ozones-user",
                        :value=>"#{session[:user]}",
                        :expires=>time)

--- a/src/sunstone/public/js/login.js
+++ b/src/sunstone/public/js/login.js
@ -63,9 +63,5 @@ $(document).ready(function(){
        }
    });

-    $("#logout_btn").click(function () {
-        logout();
-    });
-
    $("input#username.box").get(0).focus();
 });
--- a/src/sunstone/public/js/sunstone.js
+++ b/src/sunstone/public/js/sunstone.js
@ -388,24 +388,40 @@ function readCookie(){
 //signout button
 function setLogin(){
    //This variables can be used anywhere
-    username = cookie["one-user"];
-    uid = cookie["one-user_id"];
-    gid = cookie["one-user_gid"];
+    switch(whichUI()){
+    case "sunstone":
+        username = cookie["one-user"];
+        uid = cookie["one-user_id"];
+        gid = cookie["one-user_gid"];
+        break;
+    case "ozones":
+        username = cookie["ozones-user"];
+        break;
+    };
+

    $("div#header span#user").html(username);
+
    $("div#header a#logout").click(function(){
-        //todo, this is ugly
-        var f_logout = typeof(OpenNebula)!="undefined"?
-            OpenNebula.Auth.logout : oZones.Auth.logout;
-        f_logout({
-            success:function(){
-                window.location.href = "login";
-            }
-        });
+        redirect = function(){window.location.href = "login";};
+        switch(whichUI()){
+        case "sunstone":
+            OpenNebula.Auth.logout({success:redirect});
+            break;
+        case "ozones":
+            oZones.Auth.logout({success:redirect});
+            break;
+        }
        return false;
    });
 }

+//returns whether we are Sunstone, or oZones
+//not the most elegant way, but better in its own function
+function whichUI(){
+    return (typeof(OpenNebula)!="undefined"? "sunstone" : "ozones");
+}
+
 //Inserts all main tabs in the DOM
 function insertTabs(){
    var tab_info;
--- a/src/sunstone/sunstone-server.rb
+++ b/src/sunstone/sunstone-server.rb
@ -54,7 +54,7 @@ set :config, Configuration.new(CONFIGURATION_FILE)
 ##############################################################################
 # Sinatra Configuration
 ##############################################################################
-use Rack::Session::Pool
+use Rack::Session::Pool, :key => 'sunstone'
 set :host, settings.config[:host]
 set :port, settings.config[:port]