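--- a/authentication.hpp	(8f5df132a70b47c2f299cb216812ec83d4fc1197)
+++ b/authentication.hpp	(29aab242f2d35891bd808e057e33b328989836d3)
@@ -1,10 +1,11 @@
 #pragma once
 
+#include "cookies.hpp"
 #include "forward_unauthorized.hpp"
 #include "http_request.hpp"
 #include "http_response.hpp"
 #include "http_utility.hpp"
 #include "pam_authenticate.hpp"
 #include "webroutes.hpp"
 
 #include <boost/container/flat_set.hpp>
@@ -192,23 +193,18 @@
 // set cookie only if this is req from the browser.
 if (reqHeader["User-Agent"].empty())
 {
 BMCWEB_LOG_DEBUG(" TLS session: {} will be used for this request.",
 sp->uniqueId);
 return sp;
 }
 // TODO: change this to not switch to cookie auth
+bmcweb::setSessionCookies(res, *sp);
 res.addHeader(boost::beast::http::field::set_cookie,
-"XSRF-TOKEN=" + sp->csrfToken +
-"; SameSite=Strict; Secure");
-res.addHeader(boost::beast::http::field::set_cookie,
-"SESSION=" + sp->sessionToken +
-"; SameSite=Strict; Secure; HttpOnly");
-res.addHeader(boost::beast::http::field::set_cookie,
 "IsAuthenticated=true; Secure");
 BMCWEB_LOG_DEBUG(
 " TLS session: {} with cookie will be used for this request.",
 sp->uniqueId);
 return sp;
 }
 return nullptr;
 }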
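Review bot: The inline `res.addHeader(..., "IsAuthenticated=true; Secure")` kept right after the new `bmcweb::setSessionCookies(res, *sp);` call leaves the cookie policy split between this function and cookies.hpp, whose body is not visible on this page. The removed lines set XSRF-TOKEN with `SameSite=Strict; Secure` and SESSION with `SameSite=Strict; Secure; HttpOnly`, so it is worth confirming that the helper keeps exactly those attributes, HttpOnly on the session token in particular. If the helper also emits IsAuthenticated, the inline header would presumably produce a duplicate Set-Cookie and should be dropped; otherwise consider moving it into the helper so all session cookies are defined in one place. A comment on the call such as `// emits the XSRF-TOKEN and SESSION cookies; attributes are defined in cookies.hpp` would help the next reader. The enclosing function starts in the hidden lines above this hunk.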