diff --git a/lms/djangoapps/student_account/test/test_views.py b/lms/djangoapps/student_account/test/test_views.py index 12966e747b..e82d4b4ab0 100644 --- a/lms/djangoapps/student_account/test/test_views.py +++ b/lms/djangoapps/student_account/test/test_views.py @@ -31,7 +31,7 @@ from commerce.models import CommerceConfiguration from commerce.tests import factories from commerce.tests.mocks import mock_get_orders from course_modes.models import CourseMode -from edxmako.shortcuts import render_to_response +from http.cookies import SimpleCookie from openedx.core.djangoapps.oauth_dispatch.tests import factories as dot_factories from openedx.core.djangoapps.programs.tests.mixins import ProgramsApiConfigMixin from openedx.core.djangoapps.site_configuration.tests.mixins import SiteMixin @@ -542,6 +542,23 @@ class StudentAccountLoginAndRegistrationTest(ThirdPartyAuthTestMixin, UrlResetMi if logo_url: self.assertContains(response, logo_url) + def test_enterprise_cookie_delete(self): + """ + Test that enterprise cookies are deleted in login/registration views. + + Cookies must be deleted in login/registration views so that *default* login/registration branding + is displayed to subsequent requests from non-enterprise customers. + """ + cookies = SimpleCookie() + cookies[settings.ENTERPRISE_CUSTOMER_COOKIE_NAME] = 'test-enterprise-customer' + response = self.client.get(reverse('signin_user'), HTTP_ACCEPT="text/html", cookies=cookies) + + self.assertIn(settings.ENTERPRISE_CUSTOMER_COOKIE_NAME, response.cookies) # pylint:disable=no-member + enterprise_cookie = response.cookies[settings.ENTERPRISE_CUSTOMER_COOKIE_NAME] # pylint:disable=no-member + + self.assertEqual(enterprise_cookie['domain'], settings.BASE_COOKIE_DOMAIN) + self.assertEqual(enterprise_cookie.value, '') + @override_settings(SITE_NAME=settings.MICROSITE_TEST_HOSTNAME) def test_microsite_uses_old_login_page(self): # Retrieve the login page from a microsite domain diff --git a/lms/djangoapps/student_account/views.py b/lms/djangoapps/student_account/views.py index 9996eb5293..17b00e5532 100644 --- a/lms/djangoapps/student_account/views.py +++ b/lms/djangoapps/student_account/views.py @@ -150,7 +150,15 @@ def login_and_registration_form(request, initial_mode="login"): context = update_context_for_enterprise(request, context) - return render_to_response('student_account/login_and_register.html', context) + response = render_to_response('student_account/login_and_register.html', context) + + # Remove enterprise cookie so that subsequent requests show default login page. + response.delete_cookie( + configuration_helpers.get_value("ENTERPRISE_CUSTOMER_COOKIE_NAME", settings.ENTERPRISE_CUSTOMER_COOKIE_NAME), + domain=configuration_helpers.get_value("BASE_COOKIE_DOMAIN", settings.BASE_COOKIE_DOMAIN), + ) + + return response @require_http_methods(['POST']) diff --git a/lms/envs/aws.py b/lms/envs/aws.py index 8fa6c50b1e..dfa2d69a32 100644 --- a/lms/envs/aws.py +++ b/lms/envs/aws.py @@ -959,7 +959,6 @@ ENTERPRISE_COURSE_ENROLLMENT_AUDIT_MODES = ENV_TOKENS.get( ENTERPRISE_COURSE_ENROLLMENT_AUDIT_MODES ) - ############## ENTERPRISE SERVICE API CLIENT CONFIGURATION ###################### # The LMS communicates with the Enterprise service via the EdxRestApiClient class # The below environmental settings are utilized by the LMS when interacting with @@ -998,6 +997,10 @@ ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS = set( ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS ) ) +BASE_COOKIE_DOMAIN = ENV_TOKENS.get( + 'BASE_COOKIE_DOMAIN', + BASE_COOKIE_DOMAIN +) ############## CATALOG/DISCOVERY SERVICE API CLIENT CONFIGURATION ###################### # The LMS communicates with the Catalog service via the EdxRestApiClient class diff --git a/lms/envs/common.py b/lms/envs/common.py index b0fea16b84..04e52812a3 100644 --- a/lms/envs/common.py +++ b/lms/envs/common.py @@ -3219,6 +3219,7 @@ ENTERPRISE_EXCLUDED_REGISTRATION_FIELDS = { 'mailing_address', } ENTERPRISE_CUSTOMER_COOKIE_NAME = 'enterprise_customer_uuid' +BASE_COOKIE_DOMAIN = 'localhost' ############## Settings for Course Enrollment Modes ###################### COURSE_ENROLLMENT_MODES = {