kopia lustrzana https://github.com/c9/core
refactors for better testing
rodzic
49cb025274
commit
726ac88a50
|
@ -16,17 +16,15 @@
|
|||
|
||||
var Session = require('./session/session')
|
||||
, debug = require('debug')('connect:session')
|
||||
, signature = require('cookie-signature')
|
||||
, Cookie = require('./session/cookie')
|
||||
, Store = require('./session/store')
|
||||
, utils = require('./session/utils')
|
||||
, uid = require('uid2')
|
||||
, crc32 = require('buffer-crc32')
|
||||
, parse = require('url').parse;
|
||||
|
||||
// environment
|
||||
|
||||
var env = process.env.NODE_ENV;
|
||||
var decrypt = require("./decrypt");
|
||||
var encrypt = require("./encrypt");
|
||||
var hash = require("./session/hash");
|
||||
|
||||
/**
|
||||
* Expose the middleware.
|
||||
|
@ -217,8 +215,8 @@ function session(options){
|
|||
|
||||
// ensure secret is available or bail
|
||||
if (!secret) throw new Error('`secret` option required for sessions');
|
||||
|
||||
// secret is always an array of secrets
|
||||
|
||||
// normalize secret to be an array
|
||||
secret = [].concat(secret);
|
||||
|
||||
var originalHash
|
||||
|
@ -229,23 +227,22 @@ function session(options){
|
|||
|
||||
// grab the session cookie value and check the signature
|
||||
var rawCookie = req.cookies[key];
|
||||
|
||||
|
||||
// get signedCookies for backwards compat with signed cookies
|
||||
var unsignedCookie = req.signedCookies[key];
|
||||
|
||||
var usedSecret;
|
||||
|
||||
if (!unsignedCookie && rawCookie) {
|
||||
for (var i = 0; i < secret.length; i++) {
|
||||
if (unsignedCookie) continue;
|
||||
unsignedCookie = utils.parseSignedCookie(rawCookie, secret[i]);
|
||||
usedSecret = secret[i];
|
||||
}
|
||||
var values = decrypt.decrypt(secret, rawCookie);
|
||||
|
||||
usedSecret = values.usedSecret;
|
||||
unsignedCookie = values.unsignedCookie;
|
||||
}
|
||||
|
||||
|
||||
// set-cookie
|
||||
res.on('header', function(){
|
||||
if (!req.session) return;
|
||||
|
||||
var cookie = req.session.cookie
|
||||
, proto = (req.headers['x-forwarded-proto'] || '').split(',')[0].toLowerCase().trim()
|
||||
, tls = req.connection.encrypted || (trustProxy && 'https' == proto)
|
||||
|
@ -254,21 +251,20 @@ function session(options){
|
|||
// only send secure cookies via https
|
||||
if (cookie.secure && !tls) return debug('not secured');
|
||||
|
||||
// in case of rolling session, always reset the cookie
|
||||
if (usedSecret == secret[0] && !rollingSessions) {
|
||||
var masterSecret = secret[1] || secret[0];
|
||||
|
||||
// in case of rolling session, always reset the cookie
|
||||
if (usedSecret == masterSecret && !rollingSessions) {
|
||||
// browser-session length cookie
|
||||
if (null == cookie.expires) {
|
||||
if (!isNew) return debug('already set browser-session cookie');
|
||||
// compare hashes and ids
|
||||
} else if (originalHash == hash(req.session) && originalId == req.session.id) {
|
||||
} else if (originalHash == hash.hash(req.session) && originalId == req.session.id) {
|
||||
return debug('unmodified session');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
var val = 's:' + signature.sign(req.sessionID, secret[0]);
|
||||
val = cookie.serialize(key, val);
|
||||
var val = encrypt(req.sessionID, key, cookie, masterSecret);
|
||||
debug('set-cookie %s', val);
|
||||
res.setHeader('Set-Cookie', val);
|
||||
});
|
||||
|
@ -333,24 +329,10 @@ function session(options){
|
|||
debug('session found');
|
||||
store.createSession(req, sess);
|
||||
originalId = req.sessionID;
|
||||
originalHash = hash(sess);
|
||||
originalHash = hash.hash(sess);
|
||||
next();
|
||||
}
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
/**
|
||||
* Hash the given `sess` object omitting changes
|
||||
* to `.cookie`.
|
||||
*
|
||||
* @param {Object} sess
|
||||
* @return {String}
|
||||
* @api private
|
||||
*/
|
||||
|
||||
function hash(sess) {
|
||||
return crc32.signed(JSON.stringify(sess, function(key, val){
|
||||
if ('cookie' != key) return val;
|
||||
}));
|
||||
}
|
||||
|
|
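Review bot: The signing key in the `res.on('header')` handler changes from `secret[0]` to `secret[1] || secret[0]`, which is a behaviour change in a commit described as a refactor. With two or more secrets configured, new cookies are now issued under the second entry, and the "unmodified session" shortcut compares `usedSecret` against it too. If the first entry is meant to remain the current key, keep `var masterSecret = secret[0];`. If the new order is intended, document it where the array is normalised, e.g. `// new cookies are signed with secret[1] when it is set, otherwise secret[0]`, so that an operator rotating keys does not retire the one still in use. The names `encrypt`/`decrypt` also suggest confidentiality, whereas the replaced lines only signed the session id with `cookie-signature`; the helpers are not visible here, so this should be confirmed and the helpers named for what they do. The enclosing `session()` function starts and ends outside these hunks.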