use secure=True when options.disable_http_login is enabled

We'll piggyback off of the current existing configuration item, `disable_http_login`, to decide how we should submit cookies to an HTTP response. Previously, in `sso.py`, the http schema was used to make this decision. There is an issue with that, however: We cannot actually test properly if we depend on the https schema. This change allows us to toggle `disable_http_login` to modify the behavior of cookies sent with an http response to be secure. We test this behavior in test/test_auth_routes.py#L81: `test_secure_login(mock)`. Signed-off-by: Kevin Morris <kevr@0cost.org>
2025-02-03 10:43:03 +01:00 · 2021-06-11 23:09:34 -07:00 · 2021-06-11 23:09:34 -07:00 · ec632a7091
commit ec632a7091
parent 763b84d0b9
6 changed files with 72 additions and 9 deletions
--- a/aurweb/routers/auth.py
+++ b/aurweb/routers/auth.py
@ -59,7 +59,10 @@ async def login_post(request: Request,

    response = RedirectResponse(url=next,
                                status_code=int(HTTPStatus.SEE_OTHER))
-    response.set_cookie("AURSID", sid, expires=expires_at)
+
+    secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
+    response.set_cookie("AURSID", sid, expires=expires_at,
+                        secure=secure_cookies, httponly=True)
    return response


--- a/aurweb/routers/html.py
+++ b/aurweb/routers/html.py
@ -6,6 +6,8 @@ from http import HTTPStatus
 from fastapi import APIRouter, Form, HTTPException, Request
 from fastapi.responses import HTMLResponse, RedirectResponse

+import aurweb.config
+
 from aurweb.templates import make_context, render_template

 router = APIRouter()
@ -45,7 +47,9 @@ async def language(request: Request,
    # In any case, set the response's AURLANG cookie that never expires.
    response = RedirectResponse(url=f"{next}{query_string}",
                                status_code=int(HTTPStatus.SEE_OTHER))
-    response.set_cookie("AURLANG", set_lang)
+    secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
+    response.set_cookie("AURLANG", set_lang,
+                        secure=secure_cookies, httponly=True)
    return response


--- a/aurweb/routers/sso.py
+++ b/aurweb/routers/sso.py
@ -131,13 +131,15 @@ async def authenticate(request: Request, redirect: str = None, conn=Depends(aurw
    elif len(aur_accounts) == 1:
        sid = open_session(request, conn, aur_accounts[0][Users.c.ID])
        response = RedirectResponse(redirect if redirect and is_aur_url(redirect) else "/")
+        secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
        response.set_cookie(key="AURSID", value=sid, httponly=True,
-                            secure=request.url.scheme == "https")
+                            secure=secure_cookies)
        if "id_token" in token:
            # We save the id_token for the SSO logout. It’s not too important
            # though, so if we can’t find it, we can live without it.
-            response.set_cookie(key="SSO_ID_TOKEN", value=token["id_token"], path="/sso/",
-                                httponly=True, secure=request.url.scheme == "https")
+            response.set_cookie(key="SSO_ID_TOKEN", value=token["id_token"],
+                                path="/sso/", httponly=True,
+                                secure=secure_cookies)
        return response
    else:
        # We’ve got a severe integrity violation.
--- a/aurweb/templates.py
+++ b/aurweb/templates.py
@ -88,7 +88,10 @@ def render_template(request: Request,
    template = templates.get_template(path)
    rendered = template.render(context)

-    response = HTMLResponse(rendered, status_code=int(status_code))
-    response.set_cookie("AURLANG", context.get("language"))
-    response.set_cookie("AURTZ", context.get("timezone"))
+    response = HTMLResponse(rendered, status_code=status_code)
+    secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
+    response.set_cookie("AURLANG", context.get("language"),
+                        secure=secure_cookies, httponly=True)
+    response.set_cookie("AURTZ", context.get("timezone"),
+                        secure=secure_cookies, httponly=True)
    return response
--- a/aurweb/util.py
+++ b/aurweb/util.py
@ -85,8 +85,9 @@ def valid_ssh_pubkey(pk):


 def migrate_cookies(request, response):
+    secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
    for k, v in request.cookies.items():
-        response.set_cookie(k, v)
+        response.set_cookie(k, v, secure=secure_cookies, httponly=True)
    return response