From 57cf5139c552cb7feab9947daa949ca434cc0a66 Mon Sep 17 00:00:00 2001
From: Simon Willison <swillison@gmail.com>
Date: Sun, 31 May 2020 18:06:16 -0700
Subject: [PATCH] Default actor_from_request hook supporting ds_actor signed
 cookie

Refs #784, refs #699
---
 datasette/actor_auth_cookie.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 datasette/actor_auth_cookie.py

diff --git a/datasette/actor_auth_cookie.py b/datasette/actor_auth_cookie.py
new file mode 100644
index 00000000..41f33fe9
--- /dev/null
+++ b/datasette/actor_auth_cookie.py
@@ -0,0 +1,18 @@
+from datasette import hookimpl
+from itsdangerous import BadSignature
+from http.cookies import SimpleCookie
+
+
+@hookimpl
+def actor_from_request(datasette, request):
+    cookies = SimpleCookie()
+    cookies.load(
+        dict(request.scope.get("headers") or []).get(b"cookie", b"").decode("utf-8")
+    )
+    if "ds_actor" not in cookies:
+        return None
+    ds_actor = cookies["ds_actor"].value
+    try:
+        return datasette.unsign(ds_actor, "actor")
+    except BadSignature:
+        return None