From 8b5e90bb0f9019d64979ee47def952f2faa77773 Mon Sep 17 00:00:00 2001
From: g0dsCookie
Date: Fri, 17 May 2019 08:48:34 +0200
Subject: [PATCH] Allow custom cookie domain
---
 Dockerfile | 1 +
 README.md | 1 +
 docker-compose.yml | 2 ++
 ldapauthd.py | 3 +++
 4 files changed, 7 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 83bf2f3..98c0a0e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,7 @@ ENV LDAPAUTHD_LOGLEVEL=INFO \
 LDAPAUTHD_PORT=80 \
 LDAPAUTHD_REALM=Authorization\ required \
 LDAPAUTHD_SESSION_STORAGE=memcached \
+ LDAPAUTHD_SESSION_DOMAIN= \
 LDAPAUTHD_SESSION_HOST=sessiondb:11211 \
 LDAPAUTHD_SESSION_TTL=900 \
 LDAP_LOGLEVEL=ERROR \
diff --git a/README.md b/README.md
index 0e00386..fcd929b 100644
--- a/README.md
+++ b/README.md
@@ -80,6 +80,7 @@ Configuration for this daemon is read from the current environment. Available co
 | LDAPAUTHD_USER | User the daemon should be run with. | nobody |
 | LDAPAUTHD_REALM | String to set in WWW-Authenticate. | Authorization required |
 | LDAPAUTHD_SESSION_STORAGE | Choose session storage backend. Available: memcached | memcached |
+| LDAPAUTHD_SESSION_DOMAIN | Set domain for your session cookie. | |
 | LDAPAUTHD_SESSION_HOST | Host address of your session storage. | localhost:11211 |
 | LDAPAUTHD_SESSION_TTL | Maximum TTL for sessions in seconds. | 900 |
 | LDAP_LOGLEVEL | https://ldap3.readthedocs.io/logging.html#logging-detail-level | ERROR |
diff --git a/docker-compose.yml b/docker-compose.yml
index 71d5bcf..6ce2019 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -19,6 +19,8 @@ services:
 #- LDAPAUTHD_REALM=Authorization required
 # Choose session storage backend. Available: memcached
 #- LDAPAUTHD_SESSION_STORAGE=memcached
+ # Set domain for your session cookie.
+ #- LDAPAUTHD_SESSION_DOMAIN=
 # Host address of your session storage.
 #- LDAPAUTHD_SESSION_HOST=sessiondb:11211
 # Maximum TTL for sessions in seconds.
diff --git a/ldapauthd.py b/ldapauthd.py
index 1d56c0b..e251368 100755
--- a/ldapauthd.py
+++ b/ldapauthd.py
@@ -315,6 +315,8 @@ def do_GET(self):
 cookie = SimpleCookie()
 cookie["_ldapauthd_sess"] = self.session_id
+ if cookie_domain:
+ cookie["_ldapauthd_sess"]["domain"] = cookie_domain
 self.send_response(307)
 self.send_header("Set-Cookie", cookie["_ldapauthd_sess"].OutputString())
@@ -385,6 +387,7 @@ def to_lower_dict(data):
 logging.basicConfig(format="%(asctime)-15s %(name)s [%(levelname)s]: %(message)s")
 realm = os.getenv("LDAPAUTHD_REALM", "Authorization required")
+ cookie_domain = os.getenv("LDAPAUTHD_SESSION_DOMAIN", None)
 sessions = SessionHandlerBase.get_handler()
 sessions.run()
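Review bot: The `_ldapauthd_sess` cookie in the do_GET hunk gets only a value and, now, a `Domain` before `OutputString()` is sent, so it carries no `HttpOnly` or `Secure` attribute while its scope is widened to every host under the configured domain. With a parent domain set, the session identifier is exposed to script on any sibling subdomain and is sent over plain HTTP to any of them. I would add `cookie["_ldapauthd_sess"]["httponly"] = True` next to the domain assignment, and `cookie["_ldapauthd_sess"]["secure"] = True` where the front end is always TLS; the Dockerfile default port of 80 suggests TLS is terminated upstream, so the second may need its own setting. do_GET starts and continues outside this hunk.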
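Review bot: `cookie_domain` in the second ldapauthd.py hunk is read from the environment verbatim, so a whitespace-only value passes the `if cookie_domain:` test in do_GET and a mistyped value containing `;` or spaces would, as far as I know, be written into `Set-Cookie` unquoted by http.cookies. Normalising at the read, `cookie_domain = os.getenv("LDAPAUTHD_SESSION_DOMAIN", "").strip()`, and refusing to start on a value containing `;` or whitespace would catch a bad setting early. A comment above the assignment would also help operators: `# Optional Domain attribute for the session cookie; when set, browsers send the session to this domain and all of its subdomains.` The enclosing block starts and ends outside the hunk.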