Commit 2b309adf by John Jarvis

Fixing cookie handling for edx-mktg-loggedin

parent 78079d1c
...@@ -419,6 +419,9 @@ def login_user(request, error=""): ...@@ -419,6 +419,9 @@ def login_user(request, error=""):
response = HttpResponse(json.dumps({'success': True})) response = HttpResponse(json.dumps({'success': True}))
# set the login cookie for the edx marketing site # set the login cookie for the edx marketing site
# we want this cookie to be accessed via javascript
# so httponly is set to None
if request.session.get_expire_at_browser_close(): if request.session.get_expire_at_browser_close():
max_age = None max_age = None
expires = None expires = None
...@@ -427,12 +430,13 @@ def login_user(request, error=""): ...@@ -427,12 +430,13 @@ def login_user(request, error=""):
expires_time = time.time() + max_age expires_time = time.time() + max_age
expires = cookie_date(expires_time) expires = cookie_date(expires_time)
response.set_cookie(settings.EDXMKTG_COOKIE_NAME, response.set_cookie(settings.EDXMKTG_COOKIE_NAME,
'true', max_age=max_age, 'true', max_age=max_age,
expires=expires, domain=settings.SESSION_COOKIE_DOMAIN, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
path=settings.SESSION_COOKIE_PATH, path='/',
secure=settings.SESSION_COOKIE_SECURE or None, secure=None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None) httponly=None)
return response return response
...@@ -457,7 +461,8 @@ def logout_user(request): ...@@ -457,7 +461,8 @@ def logout_user(request):
logout(request) logout(request)
response = redirect('/') response = redirect('/')
response.delete_cookie(settings.EDXMKTG_COOKIE_NAME, response.delete_cookie(settings.EDXMKTG_COOKIE_NAME,
settings.SESSION_COOKIE_DOMAIN) path='/',
domain=settings.SESSION_COOKIE_DOMAIN)
return response return response
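Review bot: In the second hunk of `login_user`, `secure=None` now drops the Secure attribute unconditionally, so the marketing cookie also travels over plain HTTP on deployments where `SESSION_COOKIE_SECURE` is true, and the added comment explains only the `httponly` change. If the reason is that the marketing site is served over HTTP (presumably so, but the page does not say), record it next to the call, e.g. `# secure is None: the marketing site reads this cookie over plain http`; otherwise keep `secure=settings.SESSION_COOKIE_SECURE or None`. Because the value is a fixed `'true'` that is readable by script and can be set by any client, the comment should also state that the cookie is a display hint only and must never be treated as proof of authentication. The body of `login_user` starts outside the visible hunks, so how the cookie is consumed cannot be checked from here.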
......