Rooba
/
tornado
mirror of https://github.com/tornadoweb/tornado.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Documentation for key versioning added

This commit is contained in:
Martin Hoefling 2015-04-19 15:13:51 +02:00
parent b5fd020add
commit f3a7816eab
3 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/guide/security.rst
View File

@ -74,6 +74,15 @@ passed separately so that you may e.g. have a cookie that is valid for 30 days
for most purposes, but for certain sensitive actions (such as changing billing for most purposes, but for certain sensitive actions (such as changing billing
information) you use a smaller ``max_age_days`` when reading the cookie. information) you use a smaller ``max_age_days`` when reading the cookie.
Tornado also supports multiple signing keys to enable signing key
rotation. ``cookie_secret`` then must be a dict with integer key versions
as keys and the corresponding secrets as values. The currently used
signing key must then be set as ``key_version`` application setting
but all other keys in the dict are allowed for cookie signature validation,
if the correct key version is set in the cookie.
To implement cookie updates, the current signing key version can be
queried via `~.RequestHandler.get_secure_cookie_key_version`.
.. _user-authentication: .. _user-authentication:
User authentication User authentication

3
docs/releases/next.rst
View File

@ -56,6 +56,9 @@ Backwards-compatibility notes
* Passing ``secure=False`` or ``httponly=False`` to * Passing ``secure=False`` or ``httponly=False`` to
`.RequestHandler.set_cookie` now works as expected (previously only the `.RequestHandler.set_cookie` now works as expected (previously only the
presence of the argument was considered and its value was ignored). presence of the argument was considered and its value was ignored).
* Key versioning support for cookie signing. ``cookie_secret`` application
setting can now contain a dict of valid keys with version as key. The
current signing key then must be specified via ``key_version`` setting.
`tornado.websocket` `tornado.websocket`
~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~

4
docs/web.rst
View File

@ -86,6 +86,7 @@
.. automethod:: RequestHandler.clear_cookie .. automethod:: RequestHandler.clear_cookie
.. automethod:: RequestHandler.clear_all_cookies .. automethod:: RequestHandler.clear_all_cookies
.. automethod:: RequestHandler.get_secure_cookie .. automethod:: RequestHandler.get_secure_cookie
.. automethod:: RequestHandler.get_secure_cookie_key_version
.. automethod:: RequestHandler.set_secure_cookie .. automethod:: RequestHandler.set_secure_cookie
.. automethod:: RequestHandler.create_signed_value .. automethod:: RequestHandler.create_signed_value
.. autodata:: MIN_SUPPORTED_SIGNED_VALUE_VERSION .. autodata:: MIN_SUPPORTED_SIGNED_VALUE_VERSION
@ -177,6 +178,9 @@
* ``cookie_secret``: Used by `RequestHandler.get_secure_cookie` * ``cookie_secret``: Used by `RequestHandler.get_secure_cookie`
and `.set_secure_cookie` to sign cookies. and `.set_secure_cookie` to sign cookies.
* ``key_version``: Used by requestHandler `.set_secure_cookie`
to sign cookies with a specific key when ``cookie_secret``
is a key dictionary.
* ``login_url``: The `authenticated` decorator will redirect * ``login_url``: The `authenticated` decorator will redirect
to this url if the user is not logged in. Can be further to this url if the user is not logged in. Can be further
customized by overriding `RequestHandler.get_login_url` customized by overriding `RequestHandler.get_login_url`