[auth] Authtkt http_only and secure by default
The test suite now runs entirely over 'https'.
Closes #4731765
--- a/pyramid_cubicweb/auth.py Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/auth.py Fri Aug 07 11:59:07 2015 +0200
@@ -144,7 +144,9 @@
'hashalg': 'sha512',
'cookie_name': 'auth_tkt',
'timeout': 1200,
- 'reissue_time': 120
+ 'reissue_time': 120,
+ 'http_only': True,
+ 'secure': True
},
prefix=session_prefix,
**settings
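Review bot: The new `'secure': True` default in this dict has no comment explaining its effect on deployments, and it changes behaviour for any instance served over plain HTTP: a browser will not send a Secure cookie back on an http:// request, so the `auth_tkt` ticket would be issued but never returned and login would appear to fail silently. Because the defaults are followed by `prefix=session_prefix, **settings`, it looks as if a deployment can still override them through its settings, but the helper that merges them is outside the hunk, so that should be confirmed. A comment above the two new keys, such as `# Secure + HttpOnly by default; a plain-HTTP deployment must override 'secure' explicitly`, would make the constraint visible where it is set. The same applies to the `pauth_tkt` dict in the second hunk of this file, where a 30-day `max_age` makes the flags matter more. The enclosing call starts and ends outside the hunk.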
@@ -158,7 +160,9 @@
'hashalg': 'sha512',
'cookie_name': 'pauth_tkt',
'max_age': 3600*24*30,
- 'reissue_time': 3600*24
+ 'reissue_time': 3600*24,
+ 'http_only': True,
+ 'secure': True
},
prefix=persistent_prefix,
**settings
--- a/pyramid_cubicweb/tests/__init__.py Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/tests/__init__.py Fri Aug 07 11:59:07 2015 +0200
@@ -15,6 +15,8 @@
config.global_set_option('anonymous-user', 'anon')
config['pyramid-auth-secret'] = 'authsecret'
config['pyramid-session-secret'] = 'sessionsecret'
+ config.https_uiprops = None
+ config.https_datadir_url = None
def setUp(self):
# Skip CubicWebTestTC setUp
@@ -22,7 +24,9 @@
config = make_cubicweb_application(self.config, self.settings)
self.includeme(config)
self.pyr_registry = config.registry
- self.webapp = webtest.TestApp(config.make_wsgi_app())
+ self.webapp = webtest.TestApp(
+ config.make_wsgi_app(),
+ extra_environ={'wsgi.url_scheme': 'https'})
def includeme(self, config):
pass
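Review bot: None of the test changes shown assert the flags this commit turns on: forcing `'wsgi.url_scheme': 'https'` in `setUp` keeps the existing tests passing under the new defaults, but no test checks that the `Set-Cookie` headers for `auth_tkt` and `pauth_tkt` actually carry the Secure and HttpOnly attributes. A login test that iterates over the response's `Set-Cookie` headers and checks each one, for example `self.assertIn('httponly', cookie.lower())` and `self.assertIn('secure', cookie.lower())`, would pin the default so that a later edit to the dicts in auth.py cannot drop it unnoticed. Since every test now runs as https, it would also help to keep one case without the `extra_environ` override to record what a plain-HTTP client sees.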
--- a/pyramid_cubicweb/tests/test_bw_request.py Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/tests/test_bw_request.py Fri Aug 07 11:59:07 2015 +0200
@@ -96,9 +96,3 @@
'/', POST=params,
content_type='application/x-www-form-urlencoded'))
self.assertEqual(u"é", req.form['arg'])
-
- @classmethod
- def init_config(cls, config):
- super(WSGIAppTest, cls).init_config(config)
- config.https_uiprops = None
- config.https_datadir_url = None