Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document the ds_actor signed cookie #826

Closed
simonw opened this issue Jun 9, 2020 · 3 comments
Closed

Document the ds_actor signed cookie #826

simonw opened this issue Jun 9, 2020 · 3 comments
Labels
authentication-and-permissions documentation
Milestone
Datasette 0.44

Comments

@simonw
Copy link
Owner

simonw commented Jun 9, 2020

Most authentication plugins (https://github.com/simonw/datasette-auth-github for example) are likely to work by setting the ds_actor signed cookie, which is already magically decoded and supported by default Datasette here:

datasette/datasette/actor_auth_cookie.py

Lines 1 to 13 in 4fa7cf6

from datasette import hookimpl
from itsdangerous import BadSignature
from http.cookies import SimpleCookie
@hookimpl
def actor_from_request(datasette, request):
if "ds_actor" not in request.cookies:
return None
try:
return datasette.unsign(request.cookies["ds_actor"], "actor")
except BadSignature:
return None

I should document this.
@simonw simonw added this to the Datasette 0.44 milestone Jun 9, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 9, 2020
edited
Loading

I should probably add a utility function for setting that cookie - right now the only code that does that is here:

datasette/datasette/views/special.py

Lines 63 to 76 in dfff34e

if secrets.compare_digest(token, self.ds._root_token):
self.ds._root_token = None
cookie = SimpleCookie()
cookie["ds_actor"] = self.ds.sign({"id": "root"}, "actor")
cookie["ds_actor"]["path"] = "/"
response = Response(
body="",
status=302,
headers={
"Location": "/",
"set-cookie": cookie.output(header="").lstrip(),
},
)
return response

@simonw
Copy link
Owner Author

simonw commented Jun 9, 2020
edited
Loading

Also a good reminder that I need a set_cookie() function (#795) so I don't have to mess around with SimpleCookie directly.

@simonw simonw closed this as completed in b5f04f4 Jun 9, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 9, 2020

https://datasette.readthedocs.io/en/latest/authentication.html#the-ds-actor-cookie

simonw added a commit that referenced this issue Jun 12, 2020
@simonw
Release Datasette 0.44
b906030 
Refs #395, #519, #576, #699, #706, #774, #777, #781, #784, #788, #790, #797,
#798, #800, #802, #804, #819, #822, #825, #826, #827, #828, #829, #830,
#833, #836, #837, #839

Closes #806.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
authentication-and-permissions documentation
Projects
None yet
Milestone
Datasette 0.44
Development

No branches or pull requests
1 participant
@simonw