Updated getUDSCookie for "early" generation and "forced" storing on

response
2025-02-02 09:47:13 +03:00 · 2014-11-02 05:11:04 +01:00 · 2014-11-02 05:11:04 +01:00 · dd5b35b354
commit dd5b35b354
parent a8bba8da48
2 changed files with 15 additions and 4 deletions
--- a/server/src/uds/core/auths/auth.py
+++ b/server/src/uds/core/auths/auth.py
@ -50,7 +50,7 @@ from uds.models import User

 import logging

-__updated__ = '2014-10-27'
+__updated__ = '2014-11-02'

 logger = logging.getLogger(__name__)
 authLogger = logging.getLogger('authLog')
@ -60,15 +60,20 @@ PASS_KEY = 'pk'
 ROOT_ID = -20091204  # Any negative number will do the trick


-def getUDSCookie(request, response):
+def getUDSCookie(request, response=None, force=False):
    if 'uds' not in request.COOKIES:
        import random
        import string
        cookie = ''.join(random.choice(string.letters + string.digits) for _ in xrange(32))
-        response.set_cookie('uds', cookie)
+        if response is not None:
+            response.set_cookie('uds', cookie)
+        request.COOKIES['uds'] = cookie
    else:
        cookie = request.COOKIES['uds']

+    if response is not None and force is True:
+        response.set_cookie('uds', cookie)
+
    return cookie


--- a/server/src/uds/web/views.py
+++ b/server/src/uds/web/views.py
@ -58,7 +58,7 @@ from uds.core.ui import theme
 from uds.core.auths.Exceptions import InvalidUserException
 from uds.core.services.Exceptions import InvalidServiceException

-from transformers import transformId, scrambleId
+from transformers import transformId

 import uds.web.errors as errors
 import logging
@ -508,6 +508,9 @@ def ticketAuth(request, ticketId):
        request.session['java'] = True
        request['OS'] = OsDetector.getOsFromUA(request.META.get('HTTP_USER_AGENT'))

+        # Force cookie generation
+        getUDSCookie(request)
+
        # Check if servicePool is part of the ticket
        if servicePool is not None:
            servicePool = DeployedService.objects.get(uuid=servicePool)
@ -519,6 +522,9 @@ def ticketAuth(request, ticketId):
        else:
            response = HttpResponseRedirect(reverse('uds.web.views.index'))

+        # Now ensure cookie is at response
+        getUDSCookie(request, response, True)
+
        webLogin(request, response, usr, password)  # Password is passed in by ticket, and probably will be empty

    except Authenticator.DoesNotExist: