
Commit dc02085

committed
feat(auth): add cookie to identify authenticated browsers
1 parent 4cbcd83 commit dc02085


2 files changed

+14
-1
lines changed


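--- a/intranet/apps/auth/views.py
+++ b/intranet/apps/auth/views.py
@@ -234,7 +234,18 @@ def post(self, request):
 return redirect("welcome")
 
 next_page = request.POST.get("next", request.GET.get("next", default_next_page))
-return redirect(next_page)
+
+response = redirect(next_page)
+response.set_cookie(
+"ion_authenticated",
+value=settings.ION_AUTHENTICATED_COOKIE_VALUE,
+max_age=60 * 60 * 24 * 365 * 5, # 5 years
+secure=True,
+httponly=True,
+samesite="Lax",
+)
+
+return response
 else:
 log_auth(request, "failed")
 logger.info("Login failed as %s", request.POST.get("username", "unknown"))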
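Review bot: The `ion_authenticated` cookie set in the new `response.set_cookie(...)` call carries one deployment-wide constant (`settings.ION_AUTHENTICATED_COOKIE_VALUE`) with a five-year lifetime, so it is not bound to a user or session, and `httponly=True` does not stop a logged-in user from reading the value and reusing it outside the browser. Anything that keys on it (the settings comment mentions balancer rate limiting) should treat it as a hint only, never as proof of authentication, and rotating the value is the only way to revoke it. I would state that at the call site, e.g. `# Rate-limit hint only: same value for every user, not an authentication signal.`, and clear the cookie wherever logout is handled, which is not visible here. Separately, `secure=True` is unconditional while the session cookie uses `SESSION_COOKIE_SECURE = PRODUCTION`, so this cookie will not be sent by a plain-HTTP development instance. `post` starts and ends outside this hunk.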

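--- a/intranet/settings/__init__.py
+++ b/intranet/settings/__init__.py
@@ -156,6 +156,8 @@
 SESSION_COOKIE_SECURE = PRODUCTION
 CSRF_COOKIE_SECURE = PRODUCTION
 
+ION_AUTHENTICATED_COOKIE_VALUE = "ion_dev_test" # Set to a random value in production. Used for balancer rate limiting.
+
 if not PRODUCTION:
 # We don't care about session security when running a testing instance.
 SECRET_KEY = "_5kc##e7(!4=4)h4slxlgm010l+43zd_84g@82771ay6no-1&i"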
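Review bot: The default `"ion_dev_test"` is assigned unconditionally, above the `if not PRODUCTION:` block, so a production deployment that omits the override would silently run with a value published in the repository. How production overrides settings is not visible in this hunk, but the default would be safer inside the development branch, i.e. `ION_AUTHENTICATED_COOKIE_VALUE = "ion_dev_test"` under `if not PRODUCTION:`, with production failing at startup when the setting is missing or still equals the development value. The trailing comment could also say that the value is shared by every authenticated browser and must be rotated to revoke it.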
