pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1292 from dod-ccpo/session-cookie-domain

Browse Source 
Config to specify session cookie domain.
This commit is contained in:
dandds 2020-01-06 14:25:05 -05:00 committed by GitHub
commit 903edb8068
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -254,6 +254,7 @@ To generate coverage reports for the Javascript tests:
- `SECRET_KEY`: String key which will be used to sign the session cookie. Should be a long string of random bytes. https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY - `SECRET_KEY`: String key which will be used to sign the session cookie. Should be a long string of random bytes. https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY
- `SERVER_NAME`: Hostname for ATAT. Only needs to be specified in contexts where the hostname cannot be inferred from the request, such as Celery workers. https://flask.palletsprojects.com/en/1.1.x/config/#SERVER_NAME - `SERVER_NAME`: Hostname for ATAT. Only needs to be specified in contexts where the hostname cannot be inferred from the request, such as Celery workers. https://flask.palletsprojects.com/en/1.1.x/config/#SERVER_NAME
- `SESSION_COOKIE_NAME`: String value specifying the name to use for the session cookie. https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_NAME - `SESSION_COOKIE_NAME`: String value specifying the name to use for the session cookie. https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_NAME
- `SESSION_COOKIE_DOMAIN`: String value specifying the name to use for the session cookie. This should be set to the root domain so that it is valid for both the main site and the authentication subdomain. https://flask.palletsprojects.com/en/1.1.x/config/#SESSION_COOKIE_DOMAIN
- `SESSION_TYPE`: String value specifying the cookie storage backend. https://pythonhosted.org/Flask-Session/ - `SESSION_TYPE`: String value specifying the cookie storage backend. https://pythonhosted.org/Flask-Session/
- `SESSION_USE_SIGNER`: Boolean value specifying if the cookie sid should be signed. - `SESSION_USE_SIGNER`: Boolean value specifying if the cookie sid should be signed.
- `SQLALCHEMY_ECHO`: Boolean value specifying if SQLAlchemy should log queries to stdout. - `SQLALCHEMY_ECHO`: Boolean value specifying if SQLAlchemy should log queries to stdout.

1
config/base.ini
View File

@ -40,6 +40,7 @@ REDIS_USER
SECRET_KEY = change_me_into_something_secret SECRET_KEY = change_me_into_something_secret
SERVER_NAME SERVER_NAME
SESSION_COOKIE_NAME=atat SESSION_COOKIE_NAME=atat
SESSION_COOKIE_DOMAIN
SESSION_TYPE = redis SESSION_TYPE = redis
SESSION_USE_SIGNER = True SESSION_USE_SIGNER = True
SQLALCHEMY_ECHO = False SQLALCHEMY_ECHO = False

1
deploy/azure/atst-envvars-configmap.yml
View File

@ -30,6 +30,7 @@ data:
PGUSER: atat_master@atat-db PGUSER: atat_master@atat-db
REDIS_HOST: atat.redis.cache.windows.net:6380 REDIS_HOST: atat.redis.cache.windows.net:6380
REDIS_TLS: "true" REDIS_TLS: "true"
SESSION_COOKIE_DOMAIN: atat.code.mil
STATIC_URL: https://atat-cdn.azureedge.net/static/ STATIC_URL: https://atat-cdn.azureedge.net/static/
TZ: UTC TZ: UTC
UWSGI_CONFIG_FULLPATH: /opt/atat/atst/uwsgi.ini UWSGI_CONFIG_FULLPATH: /opt/atat/atst/uwsgi.ini