Set same cookies with same domains on logout as you do on login, in auth_tkt

author: ianb <devnull@localhost> 2008-03-08 21:50:15 +0000
committer: ianb <devnull@localhost> 2008-03-08 21:50:15 +0000
commit: 76be018175929b69da33992804c86c4f5495abf1 (patch)
tree: 660e327fb64a90fd28936fcbe525de2af7776bd6 /paste/auth
parent: ca27faa249268980f7fcc54a7be08bb0b43c7658 (diff)
download: paste-76be018175929b69da33992804c86c4f5495abf1.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/paste/auth/auth_tkt.py b/paste/auth/auth_tkt.py
index c35c379..b1531f2 100644
--- a/paste/auth/auth_tkt.py
+++ b/paste/auth/auth_tkt.py
@@ -299,9 +299,16 @@ class AuthTKTMiddleware(object):
             secure=self.secure)
         # @@: Should we set REMOTE_USER etc in the current
         # environment right now as well?
+        cur_domain = environ.get('HTTP_HOST', environ.get('SERVER_NAME'))
+        wild_domain = '.' + cur_domain
         cookies = [
             ('Set-Cookie', '%s=%s; Path=/' % (
-            self.cookie_name, ticket.cookie_value()))]
+            self.cookie_name, ticket.cookie_value())),
+            ('Set-Cookie', '%s=%s; Path=/; Domain=%s' % (
+            self.cookie_name, ticket.cookie_value(), cur_domain)),
+            ('Set-Cookie', '%s=%s; Path=/; Domain=%s' % (
+            self.cookie_name, ticket.cookie_value(), wild_domain))
+            ]
         return cookies
     
     def logout_user_cookie(self, environ):
author	ianb <devnull@localhost>	2008-03-08 21:50:15 +0000
committer	ianb <devnull@localhost>	2008-03-08 21:50:15 +0000
commit	76be018175929b69da33992804c86c4f5495abf1 (patch)
tree	660e327fb64a90fd28936fcbe525de2af7776bd6 /paste/auth
parent	ca27faa249268980f7fcc54a7be08bb0b43c7658 (diff)
download	paste-76be018175929b69da33992804c86c4f5495abf1.tar.gz