From b0d0ed0505516c1cf98d604c116b66ea64aee627 Mon Sep 17 00:00:00 2001 From: MinRK Date: Tue, 28 May 2013 13:34:08 -0700 Subject: [PATCH 1/2] make cookie_secret configurable allows config to specify logins that survive across server instances (default behavior unchanged). Depends on PR #3372 --- IPython/frontend/html/notebook/notebookapp.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/IPython/frontend/html/notebook/notebookapp.py b/IPython/frontend/html/notebook/notebookapp.py index 7ba521042..f652ddcd1 100644 --- a/IPython/frontend/html/notebook/notebookapp.py +++ b/IPython/frontend/html/notebook/notebookapp.py @@ -83,7 +83,7 @@ from IPython.utils.importstring import import_item from IPython.utils.localinterfaces import LOCALHOST from IPython.utils import submodule from IPython.utils.traitlets import ( - Dict, Unicode, Integer, List, Bool, + Dict, Unicode, Integer, List, Bool, Bytes, DottedObjectName ) from IPython.utils import py3compat @@ -164,7 +164,7 @@ class NotebookWebApplication(web.Application): static_url_prefix = url_path_join(base_project_url,'/static/'), # authentication - cookie_secret=os.urandom(1024), + cookie_secret=ipython_app.cookie_secret, login_url=url_path_join(base_project_url,'/login'), read_only=ipython_app.read_only, password=ipython_app.password, @@ -338,6 +338,15 @@ class NotebookApp(BaseIPythonApplication): keyfile = Unicode(u'', config=True, help="""The full path to a private key file for usage with SSL/TLS.""" ) + + cookie_secret = Bytes(b'', config=True, + help="""The random bytes used to secure cookies. + By default this is a new random number every time you start the Notebook. + Set it to a value in a config file to enable logins to persist across server sessions. + """ + ) + def _cookie_secret_default(self): + return os.urandom(1024) password = Unicode(u'', config=True, help="""Hashed password to use for web authentication. From 1f841c64e5f7230a585129086f364dd077abd27c Mon Sep 17 00:00:00 2001 From: MinRK Date: Tue, 4 Jun 2013 14:37:19 -0700 Subject: [PATCH 2/2] add note about sharing config files with cookie_secret --- IPython/frontend/html/notebook/notebookapp.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/IPython/frontend/html/notebook/notebookapp.py b/IPython/frontend/html/notebook/notebookapp.py index f652ddcd1..b5ed02693 100644 --- a/IPython/frontend/html/notebook/notebookapp.py +++ b/IPython/frontend/html/notebook/notebookapp.py @@ -343,6 +343,9 @@ class NotebookApp(BaseIPythonApplication): help="""The random bytes used to secure cookies. By default this is a new random number every time you start the Notebook. Set it to a value in a config file to enable logins to persist across server sessions. + + Note: Cookie secrets should be kept private, do not share config files with + cookie_secret stored in plaintext (you can read the value from a file). """ ) def _cookie_secret_default(self):