From a9f4585a3694ec44dfd737f1973460b315d76d92 Mon Sep 17 00:00:00 2001 From: mdipierro Date: Thu, 4 Oct 2012 15:12:52 -0500 Subject: [PATCH] Auth(secure=True), thanks Yarin and Niphlod --- VERSION | 2 +- gluon/main.py | 7 +++++-- gluon/tools.py | 5 ++++- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/VERSION b/VERSION index 03e7cffc..aea45ed4 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -Version 2.0.9 (2012-10-04 15:06:45) dev +Version 2.0.9 (2012-10-04 15:12:44) dev diff --git a/gluon/main.py b/gluon/main.py index 459ccf89..0b68753d 100644 --- a/gluon/main.py +++ b/gluon/main.py @@ -123,6 +123,8 @@ except: load() +HTTPS_SCHEMES = set(('https','HTTPS')) + def get_client(env): """ guess the client address from the environment variables @@ -445,8 +447,9 @@ def wsgibase(environ, responder): ajax = x_req_with == 'xmlhttprequest', cid = env.http_web2py_component_element, is_local = env.remote_addr in local_hosts, - is_https = env.wsgi_url_scheme \ - in ['https', 'HTTPS'] or env.https=='on') + is_https = env.wsgi_url_scheme in HTTPS_SCHEMES \ + or request.env.http_x_forwarded_proto in HTTPS_SCHEMES \ + or env.https=='on') request.uuid = request.compute_uuid() # requires client request.url = environ['PATH_INFO'] diff --git a/gluon/tools.py b/gluon/tools.py index 6e410446..b21d81c0 100644 --- a/gluon/tools.py +++ b/gluon/tools.py @@ -1050,7 +1050,7 @@ class Auth(object): def __init__(self, environment=None, db=None, mailer=True, hmac_key=None, controller='default', function='user', - cas_provider=None, signature=True): + cas_provider=None, signature=True, secure=False): """ auth=Auth(db) 
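Review bot: In the `is_https` expression of the `wsgibase` hunk in gluon/main.py, `http_x_forwarded_proto` comes from a request header, so a client that reaches the server without a proxy overwriting it can send `X-Forwarded-Proto: https` over plain HTTP and make `request.is_https` true. The same commit makes `Auth(secure=True)` depend on `is_https`, so that check would be skipped in such a deployment. The header should count only when the peer is a known reverse proxy, for example `or (env.remote_addr in TRUSTED_PROXIES and env.http_x_forwarded_proto in HTTPS_SCHEMES) \` where `TRUSTED_PROXIES` is a placeholder for a configured list; at minimum add a comment stating that the front-end proxy must strip or overwrite this header. The new line also reads `request.env` where its neighbours use `env`; if those are the same object (the call starts outside the hunk), use `env` for consistency.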
@@ -1070,6 +1070,9 @@ class Auth(object):
 session = current.session
 auth = session.auth
 self.user_groups = auth and auth.user_groups or {}
+ if secure and not request.is_https:
+ session.secure()
+ redirect(URL(args=request.args,vars=request.vars,scheme='http'))
 if auth and auth.last_visit and auth.last_visit + \
 datetime.timedelta(days=0, seconds=auth.expiration) > request.now:
 self.user = auth.user
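Review bot: The redirect added in `Auth.__init__` passes `scheme='http'`, so a non-HTTPS request with `secure=True` is sent to an http URL again and will fail the same `request.is_https` test instead of being upgraded. It should read `redirect(URL(args=request.args,vars=request.vars,scheme='https'))`. `request.vars` is copied into the redirect URL, so if it holds form-submitted values they would end up in the query string; this is worth confirming against how `request.vars` is populated. The new `secure` parameter has no entry in the visible part of the docstring; a line such as `secure: if True, redirect plain-HTTP requests to HTTPS and call session.secure()` would document it. The body of `__init__` starts and ends outside this hunk.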