From f8549ca184ef5c024e6ad183772fbd39a75c022f Mon Sep 17 00:00:00 2001
From: Matt Henderson <matt_henderson@sil.org>
Date: Wed, 13 Jun 2018 13:30:55 -0400
Subject: [PATCH] Add optional cookieValidationKey

---
 application/frontend/config/main.php | 3 +++
 local.env.dist                       | 1 +
 2 files changed, 4 insertions(+)

diff --git a/application/frontend/config/main.php b/application/frontend/config/main.php
index 807ec735..0946d426 100644
--- a/application/frontend/config/main.php
+++ b/application/frontend/config/main.php
@@ -4,6 +4,7 @@
 
 /* Get frontend-specific config settings from ENV vars or set defaults. */
 $frontCookieSecure = Env::get('FRONT_COOKIE_SECURE', true);
+$cookieValidationKey = Env::get('COOKIE_VALIDATION_KEY');
 
 $sessionLifetime = 1800; // 30 minutes
 
@@ -36,6 +37,8 @@
             'errorAction' => 'site/error',
         ],
         'request' => [
+            'cookieValidationKey' => $cookieValidationKey,
+            'enableCookieValidation' => !empty($cookieValidationKey),
             'enableCsrfValidation' => false,
             'parsers' => [
                 'application/json' => 'yii\web\JsonParser',
diff --git a/local.env.dist b/local.env.dist
index ed1dca75..7969a47a 100644
--- a/local.env.dist
+++ b/local.env.dist
@@ -12,6 +12,7 @@ RECAPTCHA_SITE_KEY=
 RECAPTCHA_SECRET_KEY=
 COMPOSER_AUTH={"github-oauth":{"github.com":"tokenhere"}}
 COMPOSER_CACHE_DIR=/tmp
+COOKIE_VALIDATION_KEY=
 UI_URL=http://idp-pw.local/#
 UI_CORS_ORIGIN=http://idp-pw.local
 HELP_CENTER_URL=https://google.com/