another attempt to fix cookie misbehaviour

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1492 57a73879-2fb5-44c3-a270-3262357dd7e2

diff --git a/CHANGES.txt b/CHANGES.txt
index 7cec6908976ec31661bd3c68c976192c9de39928..76da383a58cbf3ebebcaef023a52ccfa326ce361 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -43,6 +43,8 @@ are given with the most recent entry first.
   return positive values..." (literal 0xffff0000 in portalocker.py)
 - fixed ZPT code generating SyntaxWarning for assignment to None
 - add "ago" to intervals in the past (sf bug 679232)
+- another attempt to fix cookie misbehaviour - customise cookie name using
+  tracker name
 
 
 2003-??-?? 0.5.6

diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index aa9a3a6cd84537e11513cd9e293ad33c4c470cd0..80874cc55355f9a081c575391be0d2f9b02bc67f 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
@@ -1,4 +1,4 @@
-# $Id: client.py,v 1.76 2003-02-06 05:43:47 richard Exp $
+# $Id: client.py,v 1.77 2003-02-07 04:49:13 richard Exp $
 
 __doc__ = """
 WWW request handler (also used in the stand-alone server).
@@ -95,6 +95,8 @@ class Client:
         # this is the "cookie path" for this tracker (ie. the path part of
         # the "base" url)
         self.cookie_path = urlparse.urlparse(self.base)[2]
+        self.cookie_name = 'roundup_session_' + re.sub('[^a-zA-Z]', '',
+            self.instance.config.TRACKER_NAME)
 
         # see if we need to re-parse the environment for the form (eg Zope)
         if form is None:
@@ -227,11 +229,11 @@ class Client:
         user = 'anonymous'
 
         # bump the "revision" of the cookie since the format changed
-        if (cookie.has_key('roundup_user_2') and
-                cookie['roundup_user_2'].value != 'deleted'):
+        if (cookie.has_key(self.cookie_name) and
+                cookie[self.cookie_name].value != 'deleted'):
 
             # get the session key from the cookie
-            self.session = cookie['roundup_user_2'].value
+            self.session = cookie[self.cookie_name].value
             # get the user from the session
             try:
                 # update the lifetime datestamp
@@ -486,8 +488,8 @@ class Client:
 
         # generate the cookie path - make sure it has a trailing '/'
         self.additional_headers['Set-Cookie'] = \
-          'roundup_user_2=%s; expires=%s; Path=%s;'%(self.session, expire,
-            self.cookie_path)
+          '%s=%s; expires=%s; Path=%s;'%(self.cookie_name, self.session,
+            expire, self.cookie_path)
 
     def make_user_anonymous(self):
         ''' Make us anonymous
@@ -583,8 +585,8 @@ class Client:
         # construct the logout cookie
         now = Cookie._getdate()
         self.additional_headers['Set-Cookie'] = \
-           'roundup_user_2=deleted; Max-Age=0; expires=%s; Path=%s;'%(now,
-            self.cookie_path)
+           '%s=deleted; Max-Age=0; expires=%s; Path=%s;'%(self.cookie_name,
+            now, self.cookie_path)
 
         # Let the user know what's going on
         self.ok_message.append(_('You are logged out'))