From 61fc16dec8af612fa485f211158cc352cdfe8fee Mon Sep 17 00:00:00 2001
From: Kirill Solomko <ksolomko@sipwise.com>
Date: Sat, 29 May 2021 16:47:27 +0200
Subject: [PATCH] TT#122000 split session cookies per realm

* new Plugin Catalyst/Plugin/NGCP/RealmCookie.pm
  that extends Catalyst::Plugin::Session::State::Cookie
  and overloads methods responsible for cookie_name creation.
  It uses NGCP_REALM fastcgi header to append it to the cookie name.
  Empty cookie with name "appprefix"_session is suppressed on Session
  pre-setup.
* Base cookie_name is now set to 'ngcp-panel'

Change-Id: I6b4c10c5e1728d0dd7a6398bf5191925d5b904f6
---
 lib/Catalyst/Plugin/NGCP/RealmCookie.pm | 43 +++++++++++++++++++++++++
 lib/NGCP/Panel.pm                       |  3 +-
 2 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 lib/Catalyst/Plugin/NGCP/RealmCookie.pm

diff --git a/lib/Catalyst/Plugin/NGCP/RealmCookie.pm b/lib/Catalyst/Plugin/NGCP/RealmCookie.pm
new file mode 100644
index 0000000000..2069f53488
--- /dev/null
+++ b/lib/Catalyst/Plugin/NGCP/RealmCookie.pm
@@ -0,0 +1,43 @@
+package Catalyst::Plugin::NGCP::RealmCookie;
+use Moose;
+use namespace::autoclean;
+extends 'Catalyst::Plugin::Session::State::Cookie';
+
+# prevents creation of an empty ..._session cookies during
+# session pre-setup
+sub setup_session {
+    my $c = shift;
+
+    $c->maybe::next::method(@_);
+
+    return;
+}
+
+sub get_cookie_name {
+    my $c = shift;
+    my $ngcp_api_realm = $c->request->env->{NGCP_REALM} // "";
+
+    my $cookie_name = $c->_session_plugin_config->{cookie_name} //
+                        Catalyst::Utils::appprefix($c);
+    $cookie_name .= $ngcp_api_realm ? '_'.$ngcp_api_realm : '';
+    return $cookie_name;
+}
+
+sub update_session_cookie {
+    my ( $c, $updated ) = @_;
+
+    unless ( $c->cookie_is_rejecting( $updated ) ) {
+        my $cookie_name = $c->get_cookie_name;
+        $c->response->cookies->{$cookie_name} = $updated;
+    }
+}
+
+sub get_session_cookie {
+    my $c = shift;
+
+    my $cookie_name = $c->get_cookie_name;
+
+    return $c->request->cookies->{$cookie_name};
+}
+
+1;
diff --git a/lib/NGCP/Panel.pm b/lib/NGCP/Panel.pm
index 3ac04d6fed..71793bbae6 100644
--- a/lib/NGCP/Panel.pm
+++ b/lib/NGCP/Panel.pm
@@ -25,7 +25,7 @@ use Catalyst qw/
     Authorization::Roles
     Session
     Session::Store::Redis
-    Session::State::Cookie
+    NGCP::RealmCookie
     NGCP::EscapeSensitiveValue
     NGCP::EscapeJs
     I18N
@@ -122,6 +122,7 @@ __PACKAGE__->config(
         flash_to_stash => 1,
         expires => 3600,
         cookie_secure => 1,
+        cookie_name => 'ngcp-panel',
     },
 
     'Plugin::Authentication' => {