refactors for better testing

pull/365/head
Matthijs van Henten 2016-09-22 18:00:38 +00:00
rodzic 49cb025274
commit 726ac88a50
1 zmienionych plików z 18 dodań i 36 usunięć


@ -16,17 +16,15 @@
var Session = require('./session/session')
, debug = require('debug')('connect:session')
, signature = require('cookie-signature')
, Cookie = require('./session/cookie')
, Store = require('./session/store')
, utils = require('./session/utils')
, uid = require('uid2')
, crc32 = require('buffer-crc32')
, parse = require('url').parse;
// environment
var env = process.env.NODE_ENV;
var decrypt = require("./decrypt");
var encrypt = require("./encrypt");
var hash = require("./session/hash");
/**
* Expose the middleware.
@ -217,8 +215,8 @@ function session(options){
// ensure secret is available or bail
if (!secret) throw new Error('`secret` option required for sessions');
// secret is always an array of secrets
// normalize secret to be an array
secret = [].concat(secret);
var originalHash
@ -229,23 +227,22 @@ function session(options){
// grab the session cookie value and check the signature
var rawCookie = req.cookies[key];
// get signedCookies for backwards compat with signed cookies
var unsignedCookie = req.signedCookies[key];
var usedSecret;
if (!unsignedCookie && rawCookie) {
for (var i = 0; i < secret.length; i++) {
if (unsignedCookie) continue;
unsignedCookie = utils.parseSignedCookie(rawCookie, secret[i]);
usedSecret = secret[i];
}
var values = decrypt.decrypt(secret, rawCookie);
usedSecret = values.usedSecret;
unsignedCookie = values.unsignedCookie;
}
// set-cookie
res.on('header', function(){
if (!req.session) return;
var cookie = req.session.cookie
, proto = (req.headers['x-forwarded-proto'] || '').split(',')[0].toLowerCase().trim()
, tls = req.connection.encrypted || (trustProxy && 'https' == proto)
@ -254,21 +251,20 @@ function session(options){
// only send secure cookies via https
if (cookie.secure && !tls) return debug('not secured');
// in case of rolling session, always reset the cookie
if (usedSecret == secret[0] && !rollingSessions) {
var masterSecret = secret[1] || secret[0];
// in case of rolling session, always reset the cookie
if (usedSecret == masterSecret && !rollingSessions) {
// browser-session length cookie
if (null == cookie.expires) {
if (!isNew) return debug('already set browser-session cookie');
// compare hashes and ids
} else if (originalHash == hash(req.session) && originalId == req.session.id) {
} else if (originalHash == hash.hash(req.session) && originalId == req.session.id) {
return debug('unmodified session');
}
}
var val = 's:' + signature.sign(req.sessionID, secret[0]);
val = cookie.serialize(key, val);
var val = encrypt(req.sessionID, key, cookie, masterSecret);
debug('set-cookie %s', val);
res.setHeader('Set-Cookie', val);
});
@ -333,24 +329,10 @@ function session(options){
debug('session found');
store.createSession(req, sess);
originalId = req.sessionID;
originalHash = hash(sess);
originalHash = hash.hash(sess);
next();
}
});
};
};
/**
* Hash the given `sess` object omitting changes
* to `.cookie`.
*
* @param {Object} sess
* @return {String}
* @api private
*/
function hash(sess) {
return crc32.signed(JSON.stringify(sess, function(key, val){
if ('cookie' != key) return val;
}));
}
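Review bot: `var masterSecret = secret[1] || secret[0];` in the set-cookie handler changes which secret signs new cookies, which goes beyond the refactor the commit title describes. The lines it replaces appear to sign with `secret[0]` and compare `usedSecret == secret[0]`, whereas the new code uses the second array entry whenever one exists. With a rotation list, an entry kept only to verify older cookies can therefore become the signing key. If the previous behaviour is intended, `var masterSecret = secret[0];` restores it; otherwise the ordering contract of the `secret` option should be documented in a comment on this line. Separately, `values.usedSecret` is read straight after `decrypt.decrypt(secret, rawCookie)` with no check on `values`, and `./decrypt` is not visible here, so confirm that the helper always returns an object when a client-supplied cookie matches none of the secrets.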