summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCorentin LABBE <clabbe@baylibre.com>2018-07-30 09:44:57 +0200
committerCorentin LABBE <clabbe@baylibre.com>2018-07-30 09:44:57 +0200
commite2a93eae5955f294d4e37b7b653fb6fd86d72a61 (patch)
treed99765933a53ed2f10ce4ec2408fe9bf20acdb4e
parent61a473fb56ef7418314385df7b72cd58e40a2ff2 (diff)
Fix login failure on https
When login on LAVA via https, a CSRF failure is done. This is due to missing CSRF_TRUSTED_ORIGINS.
-rwxr-xr-xlavalab-gen.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/lavalab-gen.py b/lavalab-gen.py
index 2d21fe7..597bd1a 100755
--- a/lavalab-gen.py
+++ b/lavalab-gen.py
@@ -68,6 +68,7 @@ template_settings_conf = string.Template("""
"HTTPS_XML_RPC": false,
"LOGIN_URL": "/accounts/login/",
"LOGIN_REDIRECT_URL": "/",
+ "CSRF_TRUSTED_ORIGINS": ["$lava_http_fqdn"],
"CSRF_COOKIE_SECURE": $cookie_secure,
"SESSION_COOKIE_SECURE": $session_cookie_secure
}
@@ -146,7 +147,7 @@ def main():
f_fqdn.write(lava_http_fqdn)
f_fqdn.close()
fsettings = open("%s/settings.conf" % workerdir, 'w')
- fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure))
+ fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure, lava_http_fqdn=lava_http_fqdn))
fsettings.close()
master_use_zmq_auth = False
if "zmq_auth" in worker: