Skip to content

Commit

Permalink
Merge pull request #4798 from apache/send-original-cookie-format
Browse files Browse the repository at this point in the history 
Send compatible AuthSession cookie when possible.
  • Loading branch information
@rnewson
rnewson committed Oct 5, 2023
2 parents ce2607a + 1965b78 commit acd88ae
Showing 1 changed file with 11 additions and 9 deletions.
20 changes: 11 additions & 9 deletions src/couch/src/couch_httpd_auth.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -460,16 +460,18 @@ cookie_auth_header(
cookie_auth_header(_Req, _Headers) ->
[].

cookie_auth_cookie(Req, User, Secret, TimeStamp, MustMatchBasic) ->
MustMatchBasicStr =
case MustMatchBasic of
true -> "1";
false -> "0"
end,
SessionData = lists:join(":", [
cookie_auth_cookie(Req, User, Secret, TimeStamp, true) ->
SessionItems = [
User,
lists:join(",", [erlang:integer_to_list(TimeStamp, 16), MustMatchBasicStr])
]),
[erlang:integer_to_list(TimeStamp, 16), ",1"]
],
cookie_auth_cookie(Req, Secret, SessionItems);
cookie_auth_cookie(Req, User, Secret, TimeStamp, false) ->
SessionItems = [User, erlang:integer_to_list(TimeStamp, 16)],
cookie_auth_cookie(Req, Secret, SessionItems).

cookie_auth_cookie(Req, Secret, SessionItems) when is_list(SessionItems) ->
SessionData = lists:join(":", SessionItems),
[HashAlgorithm | _] = couch_util:get_config_hash_algorithms(),
Hash = couch_util:hmac(HashAlgorithm, Secret, SessionData),
mochiweb_cookies:cookie(
Expand Down

0 comments on commit acd88ae

Please sign in to comment.