Document the ds_actor signed cookie #826

Closed
simonw opened this issue Jun 9, 2020 · 3 comments

simonw commented Jun 9, 2020

Most authentication plugins (https://github.com/simonw/datasette-auth-github for example) are likely to work by setting the ds_actor signed cookie, which is already magically decoded and supported by default Datasette here:

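```python
from datasette import hookimpl
from itsdangerous import BadSignature
from http.cookies import SimpleCookie


@hookimpl
def actor_from_request(datasette, request):
    # No cookie: the request is unauthenticated
    if "ds_actor" not in request.cookies:
        return None
    try:
        # Verify the signature under the "actor" namespace and decode the actor
        return datasette.unsign(request.cookies["ds_actor"], "actor")
    except BadSignature:
        # A tampered or wrongly signed cookie is treated as no actor
        return None
```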

I should document this.


simonw commented Jun 9, 2020

I should probably add a utility function for setting that cookie - right now the only code that does that is here:

```python
if secrets.compare_digest(token, self.ds._root_token):
    self.ds._root_token = None
    cookie = SimpleCookie()
    cookie["ds_actor"] = self.ds.sign({"id": "root"}, "actor")
    cookie["ds_actor"]["path"] = "/"
    response = Response(
        body="",
        status=302,
        headers={
            "Location": "/",
            "set-cookie": cookie.output(header="").lstrip(),
        },
    )
    return response
```
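An added illustration, not code from Datasette or from this issue: the round trip the two snippets above rely on, showing why a modified `ds_actor` value or one signed under a different namespace yields no actor. The `sign()`/`unsign()` here are a standard-library HMAC stand-in for `datasette.sign()`/`datasette.unsign()` and do not reproduce the itsdangerous wire format; `SECRET`, `actor_from_cookies()` and `set_actor_cookie_header()` are hypothetical names.

```python
import base64
import hashlib
import hmac
import json
from http.cookies import SimpleCookie

SECRET = b"constructed-demo-secret"  # constructed; stands in for Datasette's secret

class BadSignature(Exception):
    """Signed value failed verification (stand-in for itsdangerous.BadSignature)."""

def _mac(payload: str, namespace: str) -> bytes:
    # Per-namespace key: a value signed for one purpose fails under another.
    key = hmac.new(SECRET, namespace.encode(), hashlib.sha256).digest()
    return hmac.new(key, payload.encode(), hashlib.sha256).hexdigest().encode()

def sign(value, namespace="default"):
    raw = json.dumps(value, sort_keys=True).encode()
    payload = base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return payload + "." + _mac(payload, namespace).decode()

def unsign(signed, namespace="default"):
    payload, _, mac = signed.rpartition(".")
    # Verify in constant time before decoding, so forged payloads are never parsed.
    if not hmac.compare_digest(mac.encode(), _mac(payload, namespace)):
        raise BadSignature("signature mismatch")
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def actor_from_cookies(cookies):
    # Same control flow as the hook in the issue; cookies is a dict like request.cookies.
    if "ds_actor" not in cookies:
        return None
    try:
        return unsign(cookies["ds_actor"], "actor")
    except BadSignature:
        return None

def set_actor_cookie_header(actor):
    # Builds the Set-Cookie value the same way the root-token snippet does.
    cookie = SimpleCookie()
    cookie["ds_actor"] = sign(actor, "actor")
    cookie["ds_actor"]["path"] = "/"
    return cookie.output(header="").lstrip()
```
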


simonw commented Jun 9, 2020

Also a good reminder that I need a set_cookie() function (#795) so I don't have to mess around with SimpleCookie directly.

@simonw simonw closed this as completed in b5f04f4 Jun 9, 2020

simonw commented Jun 9, 2020

simonw added a commit that referenced this issue Jun 12, 2020