Skip to content
Browse files

Initial commmit of a session cookie store.

  • Loading branch information...
0 parents commit 215f221ada5e2efb8ae12cf5b7842a986688503b @ciaranj committed May 16, 2010
Showing with 141 additions and 0 deletions.
  1. +1 −0 .gitignore
  2. +19 −0 examples/app.js
  3. +117 −0 lib/express/plugins/session-cookie.js
  4. +4 −0 seed.yml
1 .gitignore
@@ -0,0 +1 @@
+*.seed
19 examples/app.js
@@ -0,0 +1,19 @@
+var kiwi= require('kiwi');
+var sys= require('sys');
+
+kiwi.require('express')
+require('express/plugins')
+
+var SessionCookie= require('../lib/express/plugins/session-cookie').SessionCookie
+use(Cookie)
+use(SessionCookie, {secret: 'asasdasdasds'})
+
+//use(Session, { dataStore: MongoDbStore, mongoDbName:'sessions_poop', lifetime: (15).seconds, reapInterval: (10).seconds })
+//use(Session, { dataStore: MongoDbStore, mongoServerPort: 27017, mongoServerAddress: "127.0.0.1", mongoDbName:'sessions_poop', lifetime: (15).seconds, reapInterval: (10).seconds })
+//use(Session, { dataStore: MongoDbStore, mongoServer: new require('mongodb/connection').Server("127.0.0.1", 27017, {auto_reconnect: true}, {}) , lifetime: (15).seconds, reapInterval: (10).seconds })
+
+get('/', function() {
+ if( !this.session.counter ) this.session.counter= 0;
+ return "<h1>Hello!</h1>" + "<p>" + (this.session.counter++) +"</p>"
+})
+run();
117 lib/express/plugins/session-cookie.js
@@ -0,0 +1,117 @@
+
+// Express - Cookie Session - Copyright Ciaran Jessup <ciaranj@gmail.com> (MIT Licensed)
+// Original by 'weepy'
+
+/**
+ * Module dependencies.
+ */
+
+var Base= require('express/plugins/session').Base,
+ sys= require("sys"),
+ md5= require('ext/md5'),
+ utils= require('express/utils'),
+ base64= require('ext/base64')
+
+// --- SessionCookie
+
+exports.SessionCookie = Plugin.extend({
+ extend: {
+
+ /**
+ * Initialize the Session Provider
+ *
+ * Options:
+ *
+ * - lifetime lifetime of session in milliseconds, defaults to one day
+ * - cookie session specific cookie options passed to Request#cookie()
+ * - secret application 'secret' key used to sign the session cookie
+ * _ cookieName the cookie name to use (defaults to _sess)
+ *
+ * @param {hash} options
+ * @api private
+ */
+
+ init: function(options) {
+ this.cookie = {}
+ if( !options || !options.secret ) throw new Error('You must declare an application secret to use this session.')
+ if( ! options.cookieName ) options.cookieName= "_sess";
+ Object.merge(this, options)
+ this.cookie.httpOnly = true
+ },
+
+ _sign: function(sessionStr) {
+ return md5.hash( sessionStr + exports.SessionCookie.secret)
+ },
+
+ _createNewSession: function() {
+ var sess= new Base(10);
+ return sess;
+ },
+
+ _validSession: function(session) {
+ return session;
+ }
+ },
+
+ // --- Events
+
+ on: {
+
+ /**
+ * Create session id when not found; delegate to store.
+ */
+
+ request: function(event, callback) {
+ try{
+ var sessionStr = event.request.cookie( exports.SessionCookie.cookieName )
+ if (!sessionStr && event.request.url.pathname === '/favicon.ico') return
+ var newSession= exports.SessionCookie._createNewSession()
+ newSession.lastAccess= 0;
+ if (!sessionStr) {
+ event.request.session= newSession
+ return
+ }
+ var s= sessionStr.slice( 0, sessionStr.length - 33 )
+ s= s.replace(/!/g,'=')
+ var sig= sessionStr.slice( sessionStr.length - 32 )
+ if( exports.SessionCookie._sign(s) == sig ) {
+ var rawSession= newSession
+ try {
+ var parsedSavedSession= JSON.parse( s.base64Decoded )
+ for( var key in parsedSavedSession ) {
+ rawSession[key]= parsedSavedSession[key]
+ }
+ }
+ catch(e) {
+ //this should fix parse issues.
+ }
+ event.request.session= rawSession
+ }
+ else {
+ event.request.session= newSession
+ }
+ }catch(e) { event.request.session= newSession
+ }
+ return
+ },
+
+ /**
+ * Delegate to store, allowing it to save sessions changes.
+ */
+
+ response: function(event, callback) {
+ try {
+ var text= JSON.stringify(event.request.session)
+ var s= text.base64Encoded
+ var sig= exports.SessionCookie._sign(s)
+ s= s.replace(/=/g,'!')
+ event.request.cookie(exports.SessionCookie.cookieName, s+":"+ sig, exports.SessionCookie.cookie)
+ }
+ catch(e) {
+ sys.p(e)
+ //wish I could log something
+ }
+ return
+ }
+ }
+})
4 seed.yml
@@ -0,0 +1,4 @@
+---
+ name: express-session-cookie
+ description: A session implementation that stores its data in a 'secure' cookie
+ version: 0.0.1

0 comments on commit 215f221

Please sign in to comment.
Something went wrong with that request. Please try again.