From d03b432557e0422d5b0dbd32e82d36d3f9a5b68a Mon Sep 17 00:00:00 2001
From: Dylan William Hardison <dylan@hardison.net>
Date: Mon, 24 Aug 2015 14:04:19 -0400
Subject: Bug 1192687 - add the ability for users to view and revoke existing
 sessions

---
 Bugzilla/Auth/Login/Cookie.pm | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'Bugzilla/Auth/Login/Cookie.pm')

diff --git a/Bugzilla/Auth/Login/Cookie.pm b/Bugzilla/Auth/Login/Cookie.pm
index e1faa52d0..46024bca4 100644
--- a/Bugzilla/Auth/Login/Cookie.pm
+++ b/Bugzilla/Auth/Login/Cookie.pm
@@ -19,7 +19,7 @@ package Bugzilla::Auth::Login::Cookie;
 use strict;
 
 use base qw(Bugzilla::Auth::Login);
-use fields qw(_login_token);
+use fields qw(_login_token _cookie);
 
 use Bugzilla::Constants;
 use Bugzilla::Error;
@@ -58,6 +58,8 @@ sub get_login_info {
                                 @{$cgi->{'Bugzilla_cookie_list'}};
             $user_id = $cookie->value if $cookie;
         }
+        trick_taint($login_cookie) if $login_cookie;
+        $self->cookie($login_cookie);
 
         # If the call is for a web service, and an api token is provided, check
         # it is valid.
@@ -155,4 +157,11 @@ sub login_token {
     };
 }
 
+sub cookie {
+    my ($self, $val) = @_;
+    $self->{_cookie} = $val if @_ > 1;
+
+    return $self->{_cookie};
+}
+
 1;
-- 
cgit v1.2.3-24-g4f1b