Commit 97572d84 authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_jio: fix google callback cookie

See merge request !320
parents 764e544c b32721be
...@@ -15,7 +15,9 @@ elif code is not None: ...@@ -15,7 +15,9 @@ elif code is not None:
access_token = response_dict['access_token'].encode('utf-8') access_token = response_dict['access_token'].encode('utf-8')
hash_str = context.Base_getHMAC(access_token, access_token) hash_str = context.Base_getHMAC(access_token, access_token)
context.REQUEST.RESPONSE.setCookie('__ac_facebook_hash', hash_str, path='/') response = context.REQUEST.RESPONSE
context.setAuthCookie(response, '__ac_facebook_hash', hash_str)
# store timestamp in second since the epoch in UTC is enough # store timestamp in second since the epoch in UTC is enough
response_dict["response_timestamp"] = time.time() response_dict["response_timestamp"] = time.time()
...@@ -37,7 +39,7 @@ elif code is not None: ...@@ -37,7 +39,7 @@ elif code is not None:
person_relative_url = context.ERP5Site_getPersonFromFacebookLogin(user_reference) person_relative_url = context.ERP5Site_getPersonFromFacebookLogin(user_reference)
came_from = portal.absolute_url() + "/#!login?n.me=%s" % (person_relative_url) came_from = portal.absolute_url() + "/#!login?n.me=%s" % (person_relative_url)
context.REQUEST.RESPONSE.setHeader('Location', came_from) response.setHeader('Location', came_from)
context.REQUEST.RESPONSE.setStatus(303) response.setStatus(303)
else: else:
return handleError('') return handleError('')
...@@ -19,7 +19,8 @@ elif code is not None: ...@@ -19,7 +19,8 @@ elif code is not None:
if response_dict is not None: if response_dict is not None:
access_token = response_dict['access_token'].encode('utf-8') access_token = response_dict['access_token'].encode('utf-8')
hash_str = context.Base_getHMAC(access_token, access_token) hash_str = context.Base_getHMAC(access_token, access_token)
context.REQUEST.RESPONSE.setCookie('__ac_google_hash', hash_str, path='/') response = context.REQUEST.RESPONSE
context.setAuthCookie(response, '__ac_google_hash', hash_str)
# store timestamp in second since the epoch in UTC is enough # store timestamp in second since the epoch in UTC is enough
response_dict["response_timestamp"] = time.time() response_dict["response_timestamp"] = time.time()
context.Base_setBearerToken(hash_str, context.Base_setBearerToken(hash_str,
...@@ -38,8 +39,8 @@ elif code is not None: ...@@ -38,8 +39,8 @@ elif code is not None:
came_from = context.absolute_url() + "/#!login?n.me=%s" % person_relative_url came_from = context.absolute_url() + "/#!login?n.me=%s" % person_relative_url
context.REQUEST.RESPONSE.setHeader('Location', came_from) response.setHeader('Location', came_from)
context.REQUEST.RESPONSE.setStatus(303) response.setStatus(303)
else: else:
return handleError('') return handleError('')
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment