From acb5a6dcf995d794da55cdbcf614c77d4d87009a Mon Sep 17 00:00:00 2001
From: FinnStutzenstein <finn.stutzenstein@rats-os.de>
Date: Mon, 5 Dec 2016 15:24:43 +0100
Subject: [PATCH] Use session cookies and store filter settings in
 sessionStorage

---
 README.rst                                    |  2 +-
 bower.json                                    |  2 +-
 openslides/agenda/static/js/agenda/site.js    |  4 +--
 .../assignments/static/js/assignments/site.js |  2 +-
 openslides/core/static/js/core/base.js        |  2 +-
 openslides/core/static/js/core/site.js        | 29 ++++++++++++-------
 openslides/global_settings.py                 |  6 ++++
 .../mediafiles/static/js/mediafiles/site.js   |  2 +-
 openslides/motions/static/js/motions/site.js  |  2 +-
 openslides/users/static/js/users/site.js      |  2 +-
 10 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/README.rst b/README.rst
index 0536ef1fc..dea5574f0 100644
--- a/README.rst
+++ b/README.rst
@@ -178,7 +178,6 @@ OpenSlides uses the following projects or parts of them:
   * `angular-bootstrap <http://angular-ui.github.io/bootstrap>`_, License: MIT
   * `angular-bootstrap-colorpicker <https://github.com/buberdds/angular-bootstrap-colorpicker>`_, License: MIT
   * `angular-chosen-localytics <http://github.com/leocaseiro/angular-chosen>`_, License: MIT
-  * `angular-cookies <https://github.com/angular/bower-angular-cookies>`_, License: MIT
   * `angular-csv-import <https://github.com/bahaaldine/angular-csv-import>`_, License: MIT
   * `angular-formly <http://formly-js.github.io/angular-formly/>`_, License: MIT
   * `angular-formly-templates-bootstrap <https://github.com/formly-js/angular-formly-templates-bootstrap>`_, License: MIT
@@ -206,6 +205,7 @@ OpenSlides uses the following projects or parts of them:
   * `lodash <https://lodash.com/>`_, License: MIT
   * `ng-dialog <https://github.com/likeastore/ngDialog>`_, License: MIT
   * `ng-file-upload <https://github.com/danialfarid/ng-file-upload>`_, License: MIT
+  * `ngStorage <https://github.com/gsklee/ngStorage>`_, License: MIT
   * `ngbootbox <https://github.com/eriktufvesson/ngBootbox>`_, License: MIT
   * `open-sans-fontface <https://github.com/FontFaceKit/open-sans>`_, License: Apache License version 2.0
   * `pdfjs-dist <http://mozilla.github.io/pdf.js/>`_, License: Apache-2.0
diff --git a/bower.json b/bower.json
index aef1e10b8..86ef6470d 100644
--- a/bower.json
+++ b/bower.json
@@ -9,7 +9,6 @@
     "angular-bootstrap-colorpicker": "~3.0.25",
     "angular-chosen-localytics": "~1.5.0",
     "angular-csv-import": "0.0.36",
-    "angular-cookies": "~1.5.9",
     "angular-file-saver": "~1.1.2",
     "angular-formly": "~8.4.0",
     "angular-formly-templates-bootstrap": "~6.2.0",
@@ -33,6 +32,7 @@
     "lodash": "~4.16.0",
     "ng-dialog": "~0.6.4",
     "ng-file-upload": "~11.2.3",
+    "ngstorage": "~0.3.11",
     "ngBootbox": "~0.1.3",
     "pdfmake-dist": "~0.1.27",
     "open-sans-fontface": "https://github.com/OpenSlides/open-sans.git#1.4.2.post1",
diff --git a/openslides/agenda/static/js/agenda/site.js b/openslides/agenda/static/js/agenda/site.js
index 8bc8ab654..9695b3f63 100644
--- a/openslides/agenda/static/js/agenda/site.js
+++ b/openslides/agenda/static/js/agenda/site.js
@@ -140,7 +140,7 @@ angular.module('OpenSlidesApp.agenda.site', [
         // Filtering
         $scope.filter = osTableFilter.createInstance('AgendaTableFilter');
 
-        if (!$scope.filter.existsCookie()) {
+        if (!$scope.filter.existsStorageEntry()) {
             $scope.filter.booleanFilters = {
                 closed: {
                     value: undefined,
@@ -155,8 +155,6 @@ angular.module('OpenSlidesApp.agenda.site', [
                     choiceNo: gettext('No internal items'),
                 },
             };
-
-            $scope.filter.save();
         }
         $scope.filter.propertyList = ['item_number', 'title', 'title_list_view', 'comment', 'duration'];
         $scope.filter.propertyFunctionList = [
diff --git a/openslides/assignments/static/js/assignments/site.js b/openslides/assignments/static/js/assignments/site.js
index 7e668a3ff..826213807 100644
--- a/openslides/assignments/static/js/assignments/site.js
+++ b/openslides/assignments/static/js/assignments/site.js
@@ -323,7 +323,7 @@ angular.module('OpenSlidesApp.assignments.site', [
         // Filtering
         $scope.filter = osTableFilter.createInstance('AssignmentTableFilter');
 
-        if (!$scope.filter.existsCookie()) {
+        if (!$scope.filter.existsStorageEntry()) {
             $scope.filter.multiselectFilters = {
                 tag: [],
                 phase: [],
diff --git a/openslides/core/static/js/core/base.js b/openslides/core/static/js/core/base.js
index e37fbd9d8..ce398ab90 100644
--- a/openslides/core/static/js/core/base.js
+++ b/openslides/core/static/js/core/base.js
@@ -19,7 +19,7 @@ angular.module('OpenSlidesApp.core', [
     '$httpProvider',
     function($httpProvider) {
         // Combine the django csrf system with the angular csrf system
-        $httpProvider.defaults.xsrfCookieName = 'csrftoken';
+        $httpProvider.defaults.xsrfCookieName = 'OpenSlidesCsrfToken';
         $httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken';
     }
 ])
diff --git a/openslides/core/static/js/core/site.js b/openslides/core/static/js/core/site.js
index 76ab9bd15..ec42b26fb 100644
--- a/openslides/core/static/js/core/site.js
+++ b/openslides/core/static/js/core/site.js
@@ -13,11 +13,11 @@ angular.module('OpenSlidesApp.core.site', [
     'formlyBootstrap',
     'localytics.directives',
     'ngBootbox',
-    'ngCookies',
     'ngDialog',
     'ngFileSaver',
     'ngMessages',
     'ngCsvImport',
+    'ngStorage',
     'ui.tinymce',
     'luegg.directives',
     'xeditable',
@@ -343,6 +343,13 @@ angular.module('OpenSlidesApp.core.site', [
     }
 ])
 
+.config([
+    '$sessionStorageProvider',
+    function ($sessionStorageProvider) {
+        $sessionStorageProvider.setKeyPrefix('OpenSlides');
+    }
+])
+
 // Helper to add ui.router states at runtime.
 // Needed for the django url_patterns.
 .provider('runtimeStates', [
@@ -371,25 +378,25 @@ angular.module('OpenSlidesApp.core.site', [
  * - propertyList, propertyFunctionList, propertyDict: See function getObjectQueryString
  */
 .factory('osTableFilter', [
-    '$cookies',
-    function ($cookies) {
-        var createInstance = function (cookieName) {
+    '$sessionStorage',
+    function ($sessionStorage) {
+        var createInstance = function (tableName) {
             var self = {
                 multiselectFilters: {},
                 booleanFilters: {},
                 filterString: '',
             };
-            var existsCookie = function () {
-                return $cookies.getObject(cookieName);
+            var existsStorageEntry = function () {
+                return $sessionStorage[tableName];
             };
-            var cookie = existsCookie();
-            if (cookie) {
-                self = cookie;
+            var storage = existsStorageEntry();
+            if (storage) {
+                self = storage;
             }
 
-            self.existsCookie = existsCookie;
+            self.existsStorageEntry = existsStorageEntry;
             self.save = function () {
-                $cookies.putObject(cookieName, self);
+                $sessionStorage[tableName] = self;
             };
             self.areFiltersSet = function () {
                 var areFiltersSet = _.find(self.multiselectFilters, function (filterList) {
diff --git a/openslides/global_settings.py b/openslides/global_settings.py
index f236ed9fc..e0a2878ab 100644
--- a/openslides/global_settings.py
+++ b/openslides/global_settings.py
@@ -101,6 +101,12 @@ SESSION_ENGINE = 'openslides.core.session_backend'
 
 SESSION_COOKIE_NAME = 'OpenSlidesSessionID'
 
+SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+
+CSRF_COOKIE_NAME = 'OpenSlidesCsrfToken'
+
+CSRF_COOKIE_AGE = None
+
 PASSWORD_HASHERS = [
     'django.contrib.auth.hashers.PBKDF2PasswordHasher',
     'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
diff --git a/openslides/mediafiles/static/js/mediafiles/site.js b/openslides/mediafiles/static/js/mediafiles/site.js
index b256b7d8b..a1b6dbd2c 100644
--- a/openslides/mediafiles/static/js/mediafiles/site.js
+++ b/openslides/mediafiles/static/js/mediafiles/site.js
@@ -101,7 +101,7 @@ angular.module('OpenSlidesApp.mediafiles.site', ['ngFileUpload', 'OpenSlidesApp.
         // Filtering
         $scope.filter = osTableFilter.createInstance('MediafilesTableFilter');
 
-        if (!$scope.filter.existsCookie()) {
+        if (!$scope.filter.existsStorageEntry()) {
             $scope.filter.booleanFilters = {
                 isPrivate: {
                     value: undefined,
diff --git a/openslides/motions/static/js/motions/site.js b/openslides/motions/static/js/motions/site.js
index 7441ea606..8e1a42c6d 100644
--- a/openslides/motions/static/js/motions/site.js
+++ b/openslides/motions/static/js/motions/site.js
@@ -824,7 +824,7 @@ angular.module('OpenSlidesApp.motions.site', [
         // Filtering
         $scope.filter = osTableFilter.createInstance('MotionTableFilter');
 
-        if (!$scope.filter.existsCookie()) {
+        if (!$scope.filter.existsStorageEntry()) {
             $scope.filter.multiselectFilters = {
                 state: [],
                 category: [],
diff --git a/openslides/users/static/js/users/site.js b/openslides/users/static/js/users/site.js
index 55ab08d4d..4a4d1e7b0 100644
--- a/openslides/users/static/js/users/site.js
+++ b/openslides/users/static/js/users/site.js
@@ -512,7 +512,7 @@ angular.module('OpenSlidesApp.users.site', [
         // Filtering
         $scope.filter = osTableFilter.createInstance('UserTableFilter');
 
-        if (!$scope.filter.existsCookie()) {
+        if (!$scope.filter.existsStorageEntry()) {
             $scope.filter.multiselectFilters = {
                 group: [],
             };