Bakery's "cookie" metaphors

Bakery provides SSO and account data synchronization using mechanisms known as "cookies". Bakery cookies are sometimes HTTP cookies and otherwise keyed POST requests.

This page provides a list and description of Bakery cookies in branches 1.x and 2.x.

CHOCOLATECHIP (SSO) HTTP cookie

The CHOCOLATECHIP cookie is created by the master Bakery site only when a user is authenticated. This cookie needs to have the domain set as .example.com (leading period) so that all sites on the domain may access it.

stroopwafel (update) POST request

stroopwafel is the POST array key of the request made from Bakery master to Bakery slave to update user account information.

OATMEAL HTTP cookie

The OATMEAL cookie is a HTTP cookie, but it's usage differs between 1.x and 2.x branches of Bakery. In the 1.x branch the OATMEAL cookie contains the URL on slave site the master should redirect the user back to upon successful information. In the 2.x branch the OATMEAL cookie contains the account information during login and register as well as related data and optionally the url to redirect to after login.

thinmint (email validate) POST request

thinmint is the POST array key of the request made from Bakery slave to Bakery master when submitting the password reset form.

gingerbread (account validate) POST request

Bakery provides functionality to request an account be created on a slave for an existing master account. This is mostly separate from what happens when the user himself or herself requests the slave site. gingerbread is the POST array key of the Bakery slave request to the Bakery master.