commit 26139a5a651dcca88d1d40cac5e1e106285c1271
author Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> Wed Dec 11 19:11:18 2019 +0100
committer Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> Mon Dec 16 08:08:16 2019 +0000
tree 6a3d67cfbd46315fff3d56f7211ef85eec93fc88
parent 009c2a4d7ba310789487910cc06cb19c745c1c97

Adding a new value to cookie

This new value will be used by javascript in phosphor-webui
to perform login-less authentication.

Tested:
	Manually tests were performed on Chrome browser.
	Having enabled and configured mTLS user is able
	to authenticate with proper certificates.
	The login page is not displayed unless user logs out.

Appropriate phosphor-webui changes can be found here:
   https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-webui/+/27851

Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Iac76459e1843a5c8bd2287c6e078319aebedfdcc

http/http_connection.h

diff --git a/http/http_connection.h b/http/http_connection.h
index 0b15616..cce4a54 100644
--- a/http/http_connection.h
+++ b/http/http_connection.h
@@ -540,7 +540,8 @@
                                       "XSRF-TOKEN=" + sp->csrfToken +
                                           "; Secure\r\nSet-Cookie: SESSION=" +
                                           sp->sessionToken +
-                                          "; Secure; HttpOnly");
+                                          "; Secure; HttpOnly\r\nSet-Cookie: "
+                                          "IsAuthenticated=true; Secure");
                         BMCWEB_LOG_DEBUG
                             << this << " TLS session: " << sp->uniqueId
                             << " with cookie will be used for this request.";