From e2a93eae5955f294d4e37b7b653fb6fd86d72a61 Mon Sep 17 00:00:00 2001
From: Corentin LABBE <clabbe@baylibre.com>
Date: Mon, 30 Jul 2018 09:44:57 +0200
Subject: Fix login failure on https

When login on LAVA via https, a CSRF failure is done.
This is due to missing CSRF_TRUSTED_ORIGINS.
---
 lavalab-gen.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'lavalab-gen.py')

diff --git a/lavalab-gen.py b/lavalab-gen.py
index 2d21fe7..597bd1a 100755
--- a/lavalab-gen.py
+++ b/lavalab-gen.py
@@ -68,6 +68,7 @@ template_settings_conf = string.Template("""
     "HTTPS_XML_RPC": false,
     "LOGIN_URL": "/accounts/login/",
     "LOGIN_REDIRECT_URL": "/",
+    "CSRF_TRUSTED_ORIGINS": ["$lava_http_fqdn"],
     "CSRF_COOKIE_SECURE": $cookie_secure,
     "SESSION_COOKIE_SECURE": $session_cookie_secure
 }
@@ -146,7 +147,7 @@ def main():
         f_fqdn.write(lava_http_fqdn)
         f_fqdn.close()
         fsettings = open("%s/settings.conf" % workerdir, 'w')
-        fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure))
+        fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure, lava_http_fqdn=lava_http_fqdn))
         fsettings.close()
         master_use_zmq_auth = False
         if "zmq_auth" in worker:
-- 
cgit 1.2.3-korg