[auth] Authtkt http_only and secure by default
authorChristophe de Vienne <cdevienne@gmail.com>
Fri, 07 Aug 2015 11:59:07 +0200 (2015-08-07)
changeset 11593 73bf8377a3d5
parent 11592 197e10cb74f7
child 11594 61f69ac2d6bc
[auth] Authtkt http_only and secure by default. The test suite now runs entirely over 'https'. Closes #4731765
pyramid_cubicweb/auth.py
pyramid_cubicweb/tests/__init__.py
pyramid_cubicweb/tests/test_bw_request.py
--- a/pyramid_cubicweb/auth.py	Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/auth.py	Fri Aug 07 11:59:07 2015 +0200
@@ -144,7 +144,9 @@
                     'hashalg': 'sha512',
                     'cookie_name': 'auth_tkt',
                     'timeout': 1200,
-                    'reissue_time': 120
+                    'reissue_time': 120,
+                    'http_only': True,
+                    'secure': True
                 },
                 prefix=session_prefix,
                 **settings
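Review bot: The new `'secure': True` default is undocumented in both cookie-default dicts (this `auth_tkt` hunk and the `pauth_tkt` hunk below), and its operational effect is easy to miss. A browser does not send a Secure cookie back over plain HTTP, so on a deployment not served over HTTPS end to end the login would succeed but the session would silently not persist. I would add a comment above the two new entries, such as `# Secure + HttpOnly by default: the ticket is only sent over HTTPS and is hidden from page scripts; override in settings only for plain-HTTP development`. The dict and the call that receives `prefix=session_prefix, **settings` start outside the hunk, so whether prefixed settings can actually override these defaults is inferred from the call shape and should be confirmed.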
@@ -158,7 +160,9 @@
                     'hashalg': 'sha512',
                     'cookie_name': 'pauth_tkt',
                     'max_age': 3600*24*30,
-                    'reissue_time': 3600*24
+                    'reissue_time': 3600*24,
+                    'http_only': True,
+                    'secure': True
                 },
                 prefix=persistent_prefix,
                 **settings
--- a/pyramid_cubicweb/tests/__init__.py	Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/tests/__init__.py	Fri Aug 07 11:59:07 2015 +0200
@@ -15,6 +15,8 @@
         config.global_set_option('anonymous-user', 'anon')
         config['pyramid-auth-secret'] = 'authsecret'
         config['pyramid-session-secret'] = 'sessionsecret'
+        config.https_uiprops = None
+        config.https_datadir_url = None
 
     def setUp(self):
         # Skip CubicWebTestTC setUp
@@ -22,7 +24,9 @@
         config = make_cubicweb_application(self.config, self.settings)
         self.includeme(config)
         self.pyr_registry = config.registry
-        self.webapp = webtest.TestApp(config.make_wsgi_app())
+        self.webapp = webtest.TestApp(
+            config.make_wsgi_app(),
+            extra_environ={'wsgi.url_scheme': 'https'})
 
     def includeme(self, config):
         pass
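Review bot: Nothing in the test changes shown here asserts the behaviour this commit introduces. Switching `setUp` to `extra_environ={'wsgi.url_scheme': 'https'}` keeps the existing tests passing under the new defaults, but no visible test checks that the `Set-Cookie` header for `auth_tkt` / `pauth_tkt` actually carries `Secure` and `HttpOnly`. A later change that drops either flag would therefore go unnoticed. I would add a login test that inspects the response headers, for example `self.assertIn('httponly', set_cookie.lower())` and `self.assertIn('secure', set_cookie.lower())`. One request made with `wsgi.url_scheme` set to `http` would also pin down the plain-HTTP behaviour.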
--- a/pyramid_cubicweb/tests/test_bw_request.py	Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/tests/test_bw_request.py	Fri Aug 07 11:59:07 2015 +0200
@@ -96,9 +96,3 @@
                 '/', POST=params,
                 content_type='application/x-www-form-urlencoded'))
         self.assertEqual(u"é", req.form['arg'])
-
-    @classmethod
-    def init_config(cls, config):
-        super(WSGIAppTest, cls).init_config(config)
-        config.https_uiprops = None
-        config.https_datadir_url = None