From 64ec4e72e90840b849ca27d189e5c277dfb1d9a9 Mon Sep 17 00:00:00 2001
From: Andrei Neagu
Date: Wed, 9 Oct 2024 14:46:28 +0200
Subject: [PATCH 1/4] remove legacy cookie and renamed cookie
---
 .../settings-library/src/settings_library/utils_session.py | 3 ++-
 .../src/simcore_service_webserver/login/_auth_handlers.py | 5 ++++-
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/packages/settings-library/src/settings_library/utils_session.py b/packages/settings-library/src/settings_library/utils_session.py
index 48055810d45..64db01bfea1 100644
--- a/packages/settings-library/src/settings_library/utils_session.py
+++ b/packages/settings-library/src/settings_library/utils_session.py
@@ -2,7 +2,8 @@
 import binascii
 from typing import Final
-DEFAULT_SESSION_COOKIE_NAME: Final[str] = "osparc-sc"
+DEFAULT_SESSION_COOKIE_NAME: Final[str] = "osparc-sc-v2"
+DEFAULT_SESSION_COOKIE_NAME_LEGACY: Final[str] = "osparc-sc"
 _32_BYTES_LENGTH: Final[int] = 32
diff --git a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
index ca1e1a3a18d..3af450b19c3 100644
--- a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
+++ b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
@@ -10,6 +10,7 @@
 from servicelib.logging_utils import get_log_record_extra, log_context
 from servicelib.mimetype_constants import MIMETYPE_APPLICATION_JSON
 from servicelib.request_keys import RQT_USERID_KEY
+from settings_library.utils_session import DEFAULT_SESSION_COOKIE_NAME_LEGACY
 from simcore_postgres_database.models.users import UserRole
 from .._meta import API_VTAG
@@ -270,7 +271,9 @@ async def login_2fa(request: web.Request):
 # dispose since code was used
 await delete_2fa_code(request.app, login_2fa_.email)
- return await login_granted_response(request, user=dict(user))
+ response = await login_granted_response(request, user=dict(user))
+ response.del_cookie(DEFAULT_SESSION_COOKIE_NAME_LEGACY)
+ return response
 class LogoutBody(InputSchema):
From 8aede74334c4754ae32c75de48a78569311ecfa4 Mon Sep 17 00:00:00 2001
From: Andrei Neagu
Date: Wed, 9 Oct 2024 14:48:55 +0200
Subject: [PATCH 2/4] fixed vendor tests
---
 services/docker-compose-dev-vendors.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/services/docker-compose-dev-vendors.yml b/services/docker-compose-dev-vendors.yml
index cb2e45910eb..5aeb60ac86a 100644
--- a/services/docker-compose-dev-vendors.yml
+++ b/services/docker-compose-dev-vendors.yml
@@ -17,7 +17,7 @@ services:
 # auth
 - traefik.http.middlewares.${SWARM_STACK_NAME}_manual-auth.forwardauth.address=http://${WEBSERVER_HOST}:${WEBSERVER_PORT}/v0/auth:check
 - traefik.http.middlewares.${SWARM_STACK_NAME}_manual-auth.forwardauth.trustForwardHeader=true
- - traefik.http.middlewares.${SWARM_STACK_NAME}_manual-auth.forwardauth.authResponseHeaders=Set-Cookie,osparc-sc
+ - traefik.http.middlewares.${SWARM_STACK_NAME}_manual-auth.forwardauth.authResponseHeaders=Set-Cookie,osparc-sc-v2
 # routing
 - traefik.http.services.${SWARM_STACK_NAME}_manual.loadbalancer.server.port=80
 - traefik.http.services.${SWARM_STACK_NAME}_manual.loadbalancer.healthcheck.path=/
From 0eed0cc705363920ce4c40f06b64a30dbd9fa2f4 Mon Sep 17 00:00:00 2001
From: Andrei Neagu
Date: Thu, 10 Oct 2024 10:30:59 +0200
Subject: [PATCH 3/4] revert cookie deletion
---
 .../src/simcore_service_webserver/login/_auth_handlers.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
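Review bot: The legacy `osparc-sc` cookie is expired only on the 2FA success path in `login_2fa` (patch 1/4), so a login that reaches `login_granted_response` through any other handler (none are visible in this hunk) would leave the old cookie in the browser. Doing the cleanup once inside `login_granted_response`, with `response.del_cookie(DEFAULT_SESSION_COOKIE_NAME_LEGACY)` before it returns, would cover every caller. Note also that a browser only drops a cookie when the deletion carries the same path and domain it was issued with, and aiohttp's `del_cookie` defaults to `path="/"` with no domain, so it is worth confirming the old cookie was set with those attributes. The body of `login_2fa` starts above the hunk.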
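Review bot: The new cookie name is repeated as a literal in the `authResponseHeaders` label of `docker-compose-dev-vendors.yml` (patch 2/4), so the next change to `DEFAULT_SESSION_COOKIE_NAME` can leave this forward-auth middleware out of step again without any error. A comment above the label, `# cookie name must match DEFAULT_SESSION_COOKIE_NAME in settings_library/utils_session.py`, would make the coupling visible. Separately, Traefik's `authResponseHeaders` lists response header names to copy from the auth server onto the forwarded request; `osparc-sc-v2` is a cookie name rather than a header name, so this entry may have no effect and is worth checking against what the vendor service actually needs.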
diff --git a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
index 3af450b19c3..3e662ab8633 100644
--- a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
+++ b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
@@ -10,7 +10,6 @@
 from servicelib.logging_utils import get_log_record_extra, log_context
 from servicelib.mimetype_constants import MIMETYPE_APPLICATION_JSON
 from servicelib.request_keys import RQT_USERID_KEY
-from settings_library.utils_session import DEFAULT_SESSION_COOKIE_NAME_LEGACY
 from simcore_postgres_database.models.users import UserRole
 from .._meta import API_VTAG
@@ -270,10 +269,7 @@ async def login_2fa(request: web.Request):
 # dispose since code was used
 await delete_2fa_code(request.app, login_2fa_.email)
-
- response = await login_granted_response(request, user=dict(user))
- response.del_cookie(DEFAULT_SESSION_COOKIE_NAME_LEGACY)
- return response
+ return await login_granted_response(request, user=dict(user))
 class LogoutBody(InputSchema):
From e439438dd347f24d6db942a37d9cf68904a86473 Mon Sep 17 00:00:00 2001
From: Andrei Neagu
Date: Thu, 10 Oct 2024 10:33:21 +0200
Subject: [PATCH 4/4] revert previous code
---
 packages/settings-library/src/settings_library/utils_session.py | 1 -
 .../server/src/simcore_service_webserver/login/_auth_handlers.py | 1 +
 2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/packages/settings-library/src/settings_library/utils_session.py b/packages/settings-library/src/settings_library/utils_session.py
index 64db01bfea1..5eaf43ff6ec 100644
--- a/packages/settings-library/src/settings_library/utils_session.py
+++ b/packages/settings-library/src/settings_library/utils_session.py
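Review bot: After this revert nothing visible in the series expires the old `osparc-sc` session cookie, so browsers will keep storing and sending it until it lapses on its own; this applies to the `login_2fa` hunk of `_auth_handlers.py` in patch 3/4. The server presumably stops reading that name once `DEFAULT_SESSION_COOKIE_NAME` is `osparc-sc-v2`, so this looks like hygiene rather than an open session, but the commit message does not say why the cleanup was dropped. If the cleanup is still wanted, one shared place such as `login_granted_response` could carry the `response.del_cookie(...)` call for the old name; otherwise a line in the commit body stating that the stale cookie is left to expire would record the decision. The body of `login_2fa` starts above the hunk.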
@@ -3,7 +3,6 @@
 from typing import Final
 DEFAULT_SESSION_COOKIE_NAME: Final[str] = "osparc-sc-v2"
-DEFAULT_SESSION_COOKIE_NAME_LEGACY: Final[str] = "osparc-sc"
 _32_BYTES_LENGTH: Final[int] = 32
diff --git a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
index 3e662ab8633..ca1e1a3a18d 100644
--- a/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
+++ b/services/web/server/src/simcore_service_webserver/login/_auth_handlers.py
@@ -269,6 +269,7 @@ async def login_2fa(request: web.Request):
 # dispose since code was used
 await delete_2fa_code(request.app, login_2fa_.email)
+
 return await login_granted_response(request, user=dict(user))