github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/829#issuecomment-642217520 | https://api.github.com/repos/simonw/datasette/issues/829 | 642217520 | MDEyOklzc3VlQ29tbWVudDY0MjIxNzUyMA== | 9599 | 2020-06-10T19:41:35Z | 2020-06-10T19:41:35Z | OWNER | I didn't bother with the alternative epoch - it only shaves off two or three bytes from the cookie. Documentation for the new `ds_actor` cookie shape is here: https://datasette.readthedocs.io/en/latest/authentication.html#the-ds-actor-cookie | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642178604 | https://api.github.com/repos/simonw/datasette/issues/829 | 642178604 | MDEyOklzc3VlQ29tbWVudDY0MjE3ODYwNA== | 9599 | 2020-06-10T18:18:36Z | 2020-06-10T18:20:19Z | OWNER | Even shorter: encode an integer that is the difference between that expiry timestamp and a more recent epoch - June 1st 2020 will do. ``` >>> import datetime, calendar >>> calendar.timegm(datetime.date(2020, 6, 1).timetuple()) 1590969600 >>> import baseconv >>> baseconv.base62.encode(int(time.time() - 1590969600)) '3XST' ``` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642176180 | https://api.github.com/repos/simonw/datasette/issues/829 | 642176180 | MDEyOklzc3VlQ29tbWVudDY0MjE3NjE4MA== | 9599 | 2020-06-10T18:14:02Z | 2020-06-10T18:14:15Z | OWNER | And the `e` key can be `null`or missing for "never expires". | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642175892 | https://api.github.com/repos/simonw/datasette/issues/829 | 642175892 | MDEyOklzc3VlQ29tbWVudDY0MjE3NTg5Mg== | 9599 | 2020-06-10T18:13:26Z | 2020-06-10T18:13:26Z | OWNER | I'm going with `expires_at` - except to keep the cookies shorter the key will be called `e` and the actor will go in `a`, like this: ```json { "e": "1UuHoo", "a": {"id": "root"} } ``` That `e` value is a base64 encoded expiry integer timestamp (again for a shorter cookie) - using https://pypi.org/project/python-baseconv/ | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642174272 | https://api.github.com/repos/simonw/datasette/issues/829 | 642174272 | MDEyOklzc3VlQ29tbWVudDY0MjE3NDI3Mg== | 9599 | 2020-06-10T18:10:13Z | 2020-06-10T18:10:13Z | OWNER | Some options: - Redesign the `ds_actor` cookie to be `{"expires_at": 1591811250, "actor": ...}` - check if it has expired in that default `actor_from_request` hook - Let plugins set an additional cookie of some sort - Expect plugins that care about this to set a cookie with a different name and implement their own `actor_from_request` against that | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642161210 | https://api.github.com/repos/simonw/datasette/issues/829 | 642161210 | MDEyOklzc3VlQ29tbWVudDY0MjE2MTIxMA== | 9599 | 2020-06-10T17:45:58Z | 2020-06-10T17:45:58Z | OWNER | `itsdangerous` has this ability but you specify the max-age when you call unsign: https://itsdangerous.palletsprojects.com/en/1.1.x/timed/ > s.unsign(string, max_age=5) > Traceback (most recent call last): > ... > itsdangerous.exc.SignatureExpired: Signature age 15 > 5 seconds I currently only decode the `ds_actor` cookie in one place: https://github.com/simonw/datasette/blob/d828abaddec0dce3ec4b4eeddc3a74384e52cf34/datasette/actor_auth_cookie.py#L5-L12 If plugins want to be able to set their own policies on how long the `ds_actor` cookie should remain valid, how do I know to listen to them when decoding the cookie here? | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 |