Commits for angie
switch to files view, user index
v333_preview2 to v333_base (2016-05-16 to 2016-05-23) v333
Show details
ce16fc5a8df55c02029781b267936bde5110264e Mon May 16 12:04:05 2016 -0700
- Oops, cartLoadUserSession is called before cartWriteCookie, so it needs to call loginSystemValidateCookies first.
refs #17327
46b4e2937954d44c12dcb496a140608316959d21 Mon May 16 13:58:14 2016 -0700
- duh, if loginSystem is not enabled, we cannot use the gbMembers table. refs #17327
185dbcc2ba84d6eb1301163b926ebed3177cd379 Thu May 19 04:42:20 2016 -0700
- Several revisions to login cookie-checking after helpful code review by Max:
Use /dev/urandom instead of srand(clock1000()), duh.
Instead of forming cookie strings in both wikiLink.c and hgLogin.c,
form them all in wikiLink.c so they're consistent. The wikiLink
routines now return (possibly empty) slName lists of cookie strings
to be set.
The login system uses new cookie names that default to a concatentation
of central.cookie (which needs to have one name per central database,
like hguid for RR hgcentral and hguid.genome-test for hgcentraltest)
and either optional new config params login.tokenCookie and
login.userNameCookie or central.cookie concatenated with hgLoginToken and
hgLoginUserName (because login uses the central db, so it's different for
hgwdev vs RR). If those cookies are not set but the wiki cookies are set,
then we accept the wiki cookie values and send out the new cookies,
removing the wiki cookies the first time that happens.
The login system no longer depends on any wiki.* hg.conf settings.
refs #17336, #17327
- src/hg/hgLogin/hgLogin.c - lines changed 77, context: html, text, full: html, text
- src/hg/hgLogin/hgLogin.h - lines changed 1, context: html, text, full: html, text
- src/hg/hgSession/hgSession.c - lines changed 3, context: html, text, full: html, text
- src/hg/lib/wikiLink.c - lines changed 223, context: html, text, full: html, text
0cedad8cd900ffc7748341d00d99a589f9d19880 Thu May 19 12:19:44 2016 -0700
- Separated out Galt's autoUpgrade code that robustly attempts to add a column to a table into a new lib module. refs #17336 note-11
- src/hg/inc/autoUpgrade.h - lines changed 19, context: html, text, full: html, text
- src/hg/lib/autoUpgrade.c - lines changed 107, context: html, text, full: html, text
ecd6e5bc9b85bcbafb08da0c1dae876b284ba69c Fri May 20 16:17:00 2016 -0700
- New random-token method for login (HT Max & Galt): instead of requiring a new table gbMemberToken, use autoUpgrade to add a new column (keyList) to gbMembers that contains a list of long random keys, analogous to userDb and sessionDb's sessionKey (see cartDb.c). The token cookie now includes both gbMembers.idx (for fast lookup) and the long random key, similar to the hguid cookie and hgsid CGI param. keyList is a list in order to support user login on multiple web clients. refs #17327 #17336 note-11
- src/hg/hgLogin/hgLogin.c - lines changed 3, context: html, text, full: html, text
- src/hg/inc/autoUpgrade.h - lines changed 2, context: html, text, full: html, text
- src/hg/lib/gbMemberToken.as - lines changed 8, context: html, text, full: html, text
- src/hg/lib/gbMemberToken.c - lines changed 139, context: html, text, full: html, text
- src/hg/lib/gbMemberToken.h - lines changed 66, context: html, text, full: html, text
- src/hg/lib/gbMemberToken.sql - lines changed 14, context: html, text, full: html, text
- src/hg/lib/wikiLink.c - lines changed 256, context: html, text, full: html, text
switch to files view, user index