Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Migrated to cookies #13

Merged
merged 4 commits into from

7 participants

@oesmith

As mentioned on the discussion thread for issue #8, here's my small patch to switch to cookies.

Cheers!

Olly

@oesmith oesmith Switch to cookies library (from cookie-node).
Switch to oauth 1.0A, add option to specify callback URL.
292980f
lib/twitter.js
((5 lines not shown))
*/
-Twitter.prototype.cookie = function(req) {
+Twitter.prototype.cookie = function(cookies) {
@jdub Owner
jdub added a note

This API change makes it less of a drop-in replacement. If you can work around this, I'll pull this in as a medium-term change (as the OAuth web helper stuff will eventually move into another module).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@jdub
Owner

Thanks heaps! If we can avoid the API changes, I'll pull this in straight away. :-)

@jdub jdub commented on the diff
lib/twitter.js
((7 lines not shown))
this.oauth = new oauth.OAuth(
this.options.request_token_url,
this.options.access_token_url,
this.options.consumer_key,
this.options.consumer_secret,
- '1.0', null, 'HMAC-SHA1', null,
+ '1.0A',
+ this.options.callback_url,
@jdub Owner
jdub added a note

Good call. :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@oesmith oesmith Refactor cookie helper back to its original signature to avoid API br…
…eakage (and hide the cookie implementation details - nobody needs to see that ;)).
1717917
@oesmith oesmith closed this
@oesmith

Thanks lots for the feedback - much appreciated.

I've refactored to put the API back to how it was - all in the latest commit.

Cheers!

Olly

@oesmith oesmith reopened this
@oesmith

Whoops.. didn't mean to hit 'Close'..

lib/twitter.js
@@ -248,16 +255,11 @@ Twitter.prototype.stream = function(method, params, callback) {
/*
* TWITTER "O"AUTHENTICATION UTILITIES, INCLUDING THE GREAT
* CONNECT/STACK STYLE TWITTER "O"AUTHENTICATION MIDDLEWARE
- * and helpful utilities to retrieve the twauth cookie etc.
@jdub Owner
jdub added a note

This should not be removed.

@oesmith
oesmith added a note

Have re-instated this with latest commit.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@jdub jdub commented on the diff
lib/twitter.js
@@ -291,7 +289,8 @@ Twitter.prototype.login = function(mount, success) {
}
// Fetch the cookie
- var twauth = self.cookie(req);
@jdub Owner
jdub added a note

No need to replace this with the return of self.cookie()

@oesmith
oesmith added a note

'cookies' needs to be in scope lower down to set new cookie values.

I'm not sure if there's an more elegant way to do this with calling self.cookie(), without changing its signature. What do you think?

@jdub Owner
jdub added a note

Ah yes, you need res to set... luckily, signature matters not. :-)

If prototype.cookie took (req, res), and passed res || null to the Cookies constructor, we'd be fine.

OK with that? Thanks!

@oesmith
oesmith added a note

We still need to Cookies object though.. how would you get that back from prototype.cookie?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@fat
fat commented

what's the status of this... why not merge? Getting this message is disconcerting:

This library has been deprecated. Please use `npm install cookies` instead.
@oesmith

fwiw, I've been using this patch in production on http://tweetgp.com for the last 3 months with no issues.

@neopunisher

same message as fat... please update

@aseemk

+1

@slajax

+2

@masterkain

is this fork totally abandoned?

@oesmith

I'm still using my fork in production.

Whether or not the changes will get pulled back into jdub's repo is another matter though..

@jdub jdub merged commit eeede3a into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on May 6, 2011
  1. @oesmith

    Switch to cookies library (from cookie-node).

    oesmith authored
    Switch to oauth 1.0A, add option to specify callback URL.
Commits on May 7, 2011
  1. @oesmith

    Refactor cookie helper back to its original signature to avoid API br…

    oesmith authored
    …eakage (and hide the cookie implementation details - nobody needs to see that ;)).
Commits on May 8, 2011
  1. @oesmith

    Re-instate comment.

    oesmith authored
Commits on Oct 2, 2011
  1. @oesmith
This page is out of date. Refresh to see the latest.
Showing with 28 additions and 17 deletions.
  1. +26 −16 lib/twitter.js
  2. +2 −1  package.json
View
42 lib/twitter.js
@@ -2,7 +2,8 @@ var VERSION = '0.1.17',
http = require('http'),
querystring = require('querystring'),
oauth = require('oauth'),
- cookie = require('cookie'),
+ Cookies = require('cookies'),
+ Keygrip = require('keygrip'),
streamparser = require('./parser');
function merge(defaults, options) {
@@ -37,6 +38,7 @@ function Twitter(options) {
access_token_url: 'https://api.twitter.com/oauth/access_token',
authenticate_url: 'https://api.twitter.com/oauth/authenticate',
authorize_url: 'https://api.twitter.com/oauth/authorize',
+ callback_url: null,
rest_base: 'https://api.twitter.com/1',
search_base: 'https://search.twitter.com',
@@ -51,12 +53,17 @@ function Twitter(options) {
};
this.options = merge(defaults, options);
+ this.keygrip = this.options.cookie_secret === null ? null :
+ new Keygrip([this.options.cookie_secret]);
+
this.oauth = new oauth.OAuth(
this.options.request_token_url,
this.options.access_token_url,
this.options.consumer_key,
this.options.consumer_secret,
- '1.0', null, 'HMAC-SHA1', null,
+ '1.0A',
+ this.options.callback_url,
+ 'HMAC-SHA1', null,
this.options.headers);
}
Twitter.VERSION = VERSION;
@@ -252,12 +259,8 @@ Twitter.prototype.stream = function(method, params, callback) {
*/
Twitter.prototype.cookie = function(req) {
// Fetch the cookie
- try {
- var twauth = JSON.parse(req.getSecureCookie(this.options.cookie));
- } catch (error) {
@jdub Owner
jdub added a note

Good call. :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
- var twauth = null;
- }
- return twauth;
+ var cookies = new Cookies(req, null, this.keygrip);
+ return this._readCookie(cookies);
}
Twitter.prototype.login = function(mount, success) {
@@ -270,10 +273,6 @@ Twitter.prototype.login = function(mount, success) {
// Use secure cookie if forced to https and haven't configured otherwise
if ( this.options.secure && !this.options.cookie_options.secure )
this.options.cookie_options.secure = true;
- // Set up the cookie encryption secret if we've been given one
- if ( !cookie.secret && this.options.cookie_secret !== null )
- cookie.secret = this.options.cookie_secret;
- // FIXME: ^ so configs that don't use login() won't work?
return function handle(req, res, next) {
var path = url.parse(req.url, true);
@@ -291,7 +290,8 @@ Twitter.prototype.login = function(mount, success) {
}
// Fetch the cookie
- var twauth = self.cookie(req);
+ var cookies = new Cookies(req, res, self.keygrip);
+ var twauth = self._readCookie(cookies);
// We have a winner, but they're in the wrong place
if ( twauth && twauth.user_id && twauth.access_token_secret ) {
@@ -314,7 +314,7 @@ Twitter.prototype.login = function(mount, success) {
// FIXME: do something more intelligent
return next(500);
} else {
- res.setSecureCookie(self.options.cookie, JSON.stringify({
+ cookies.set(self.options.cookie, JSON.stringify({
@jdub Owner
jdub added a note

No need to replace this with the return of self.cookie()

@oesmith
oesmith added a note

'cookies' needs to be in scope lower down to set new cookie values.

I'm not sure if there's an more elegant way to do this with calling self.cookie(), without changing its signature. What do you think?

@jdub Owner
jdub added a note

Ah yes, you need res to set... luckily, signature matters not. :-)

If prototype.cookie took (req, res), and passed res || null to the Cookies constructor, we'd be fine.

OK with that? Thanks!

@oesmith
oesmith added a note

We still need to Cookies object though.. how would you get that back from prototype.cookie?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
user_id: user_id,
screen_name: screen_name,
access_token_key: access_token_key,
@@ -334,7 +334,7 @@ Twitter.prototype.login = function(mount, success) {
// FIXME: do something more intelligent
return next(500);
} else {
- res.setSecureCookie(self.options.cookie, JSON.stringify({
+ cookies.set(self.options.cookie, JSON.stringify({
oauth_token: oauth_token,
oauth_token_secret: oauth_token_secret
}), self.options.cookie_options);
@@ -350,7 +350,7 @@ Twitter.prototype.login = function(mount, success) {
// Broken cookie, clear it and return to originating page
// FIXME: this is dumb
} else {
- res.clearCookie(self.options.cookie);
+ cookies.set(self.options.cookie, null, self.options.cookie_options);
res.writeHead(302, {'Location': mount});
res.end();
return;
@@ -1132,3 +1132,13 @@ Twitter.prototype._getUsingCursor = function(url, params, callback) {
return this;
}
+
+Twitter.prototype._readCookie = function(cookies) {
+ // parse the auth cookie
+ try {
+ var twauth = JSON.parse(cookies.get(this.options.cookie));
+ } catch (error) {
+ var twauth = null;
+ }
+ return twauth;
+}
View
3  package.json
@@ -14,7 +14,8 @@
}
, "dependencies":
{ "oauth": ">=0.8.4"
- , "cookie": ">=0.1.4"
+ , "cookies": ">=0.1.6"
+ , "keygrip": ">=0.1.7"
}
, "engines": ["node >=0.2.0"]
, "main": "./lib/twitter"
Something went wrong with that request. Please try again.