From 832756a184dd8a73b0de8bd28af98d7a6a088c52 Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Wed, 16 Mar 2022 12:43:07 +0000 Subject: [PATCH] Bug 29957: Adjust push @$cookie statements in Auth We can now use $cookie_mgr->replace_in_list instead. This effectively removes duplicates and keeps the newest cookie. Note: In the test plan below we are just verifying if this patch did not change behavior. The replace_in_list routine has been tested already in a unit test. Test plan: Run t/db_dependent/Auth.t Login at OPAC. Hit some opac and staff pages. Perform an Advanced search on OPAC. Check cookies in browser. Logout. Check cookies again. Verify with your do_not_remove_cookie lines in koha-conf.xml. Signed-off-by: Marcel de Rooy Signed-off-by: Nick Clemens Signed-off-by: Martin Renvoize Signed-off-by: Fridolin Somers --- C4/Auth.pm | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index aa57a26e60..561c376bb4 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -157,6 +157,8 @@ sub get_template_and_user { my ( $user, $cookie, $sessionID, $flags ); $cookie = []; + my $cookie_mgr = Koha::CookieManager->new; + # Get shibboleth login attribute my $shib = C4::Context->config('useshibboleth') && shib_ok(); my $shib_login = $shib ? get_login_shib() : undef; @@ -245,13 +247,12 @@ sub get_template_and_user { if ($kick_out) { $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac', $in->{query} ); - push @$cookie, $in->{query}->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $in->{query}->cookie( -name => 'CGISESSID', -value => '', - -expires => '', -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); $template->param( loginprompt => 1, 
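Review bot: Dropping `-expires => ''` from the kick_out cookie at @@ -245 is a behaviour change, which contradicts the "did not change behavior" note in the commit message: as far as I recall CGI::Util::expire_calc treats a false -expires as "now", so the old cookie carried an expires date in the past and told the browser to delete CGISESSID, whereas the new one is an empty-valued session cookie the browser keeps until it closes. That is harmless for authentication (an empty CGISESSID cannot resolve to a session) but it is visible in the Set-Cookie header and in the test plan's "check cookies in browser" step. Either keep the attribute, `-expires => '',` between `-value` and `-HttpOnly`, or state in the commit message that clearing cookies are now meant to stay as empty session cookies (for instance because the CookieManager handles expiry elsewhere). The same attribute is dropped in the Basic Authentication hunk at @@ -868. get_template_and_user starts and ends outside this hunk.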
@@ -656,7 +657,7 @@ sub get_template_and_user { # what to do my $language = C4::Languages::getlanguage( $in->{'query'} ); my $languagecookie = C4::Templates::getlanguagecookie( $in->{'query'}, $language ); - push @{$cookie}, $languagecookie; + $cookie = $cookie_mgr->replace_in_list( $cookie, $languagecookie ); } return ( $template, $borrowernumber, $cookie, $flags ); @@ -868,13 +869,12 @@ sub checkauth { if ( !$shib and defined( $ENV{'REMOTE_USER'} ) and $ENV{'REMOTE_USER'} ne '' and $userid = $ENV{'REMOTE_USER'} ) { # Using Basic Authentication, no cookies required - push @$cookie, $query->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( -name => 'CGISESSID', -value => '', - -expires => '', -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); $loggedin = 1; } elsif ( $emailaddress) { @@ -927,12 +927,12 @@ sub checkauth { } } else { - push @$cookie, $query->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( -name => 'CGISESSID', -value => $session->id, -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); $flags = haspermission( $userid, $flagsrequired ); if ($flags) { @@ -971,12 +971,12 @@ sub checkauth { $sessionID = $session->id; C4::Context->_new_userenv($sessionID); - push @$cookie, $query->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( -name => 'CGISESSID', -value => $sessionID, -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); my $pki_field = C4::Context->preference('AllowPKIAuth'); if ( !defined($pki_field) ) { print STDERR "ERROR: Missing system preference AllowPKIAuth.\n"; 
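Review bot: The Basic Authentication hunk at @@ -868 calls `$cookie_mgr->replace_in_list` inside checkauth, but neither a `my $cookie_mgr = Koha::CookieManager->new;` in checkauth nor a `use Koha::CookieManager;` appears anywhere in this diff; the only declaration added is the one in get_template_and_user at @@ -157. Presumably an earlier patch in the Bug 29957 series put both in place, but if not, `use strict` rejects the bare `$cookie_mgr` at compile time, so this is worth confirming before the patch is applied on its own. This hunk also drops `-expires => ''` for the cleared CGISESSID, the same silent change as in the kick_out hunk, and deserves a word in the commit message. checkauth starts and ends outside this hunk.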
@@ -1171,12 +1171,12 @@ sub checkauth { $domain =~ s|\.\*||g; if ( $ip !~ /^$domain/ ) { $loggedin = 0; - push @$cookie, $query->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( -name => 'CGISESSID', -value => '', -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); $info{'wrongip'} = 1; } } @@ -1260,12 +1260,12 @@ sub checkauth { { # successful login unless (@$cookie) { - push @$cookie, $query->cookie( + $cookie = $cookie_mgr->replace_in_list( $cookie, $query->cookie( -name => 'CGISESSID', -value => '', -HttpOnly => 1, -secure => ( C4::Context->https_enabled() ? 1 : 0 ), - ); + )); } track_login_daily( $userid ); -- 2.39.5
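Review bot: The wrongip hunk at @@ -1171 is one of six places in this patch that spell out the full CGISESSID cookie literal (`-name`, `-value`, `-HttpOnly`, `-secure`) and now wrap it in `replace_in_list`; since every site is being edited anyway, a small private helper would reduce each call to `$cookie = $cookie_mgr->replace_in_list( $cookie, _session_cookie( $query, '' ) );` and give the cookie's security attributes a single definition. The `-secure => ( C4::Context->https_enabled() ? 1 : 0 )` expression is copied verbatim at each site and is the kind of line that drifts when one copy is edited; a helper is also the one place to add further attributes later (for instance `-samesite`, if the installed CGI::Cookie supports it) instead of six edits. The helper below is what I would add; callers in get_template_and_user would pass `$in->{query}`. checkauth starts and ends outside this hunk.
```perl
# Build the CGISESSID cookie with the attributes every call site in
# C4::Auth uses; $value is the session id, or '' to blank the cookie.
sub _session_cookie {
    my ( $query, $value ) = @_;
    return $query->cookie(
        -name     => 'CGISESSID',
        -value    => $value,
        -HttpOnly => 1,
        -secure   => ( C4::Context->https_enabled() ? 1 : 0 ),
    );
}
```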
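Review bot: In the successful-login hunk at @@ -1260 the `unless (@$cookie)` guard means `replace_in_list` only ever runs on an empty list, so it degenerates to the push it replaces; the guard must nevertheless stay, because without it the empty-valued CGISESSID would, under the "keeps the newest cookie" rule from the commit message, displace a session cookie that the @@ -927 or @@ -971 branch of checkauth already put in the list. That interaction is not obvious from reading the hunk, and a reader seeing replace_in_list everywhere else may be tempted to remove the guard as redundant. I would add above the guard: `# @$cookie is empty here, so this is a plain push; keep the guard, otherwise replace_in_list would let this empty CGISESSID displace a session cookie set above.` checkauth starts and ends outside this hunk.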