From 4fafa8ae5a7bcd700f368bbe6016e0b0fb2cc892 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Wed, 27 Dec 2017 15:43:33 +0100
Subject: Implement simulation mode for cookies (de/en)cryption

This should close #102

This commit can be useful for two use-cases:

1. When deploying Snuffleupagus on big CMS like Magento, and not knowing
   what cookies are modified via javascript.
2. When deploying Snuffleupagus on big websites: you don't want to disconnect
   every single user at once.

When simulation is enabled, if the decryption fails, a log message is
now issued, and the cookie value taken as it (since odds are that it's
non-encrypted).
---
 src/tests/config/config_encrypted_cookies_simulation.ini | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 src/tests/config/config_encrypted_cookies_simulation.ini

(limited to 'src/tests/config')

diff --git a/src/tests/config/config_encrypted_cookies_simulation.ini b/src/tests/config/config_encrypted_cookies_simulation.ini
new file mode 100644
index 0000000..32e24a1
--- /dev/null
+++ b/src/tests/config/config_encrypted_cookies_simulation.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name("super_cookie").encrypt().simulation();
+sp.auto_cookie_secure.enable();
-- 
cgit v1.3