/**
* update from cookie-session middleware
*/
(function() {
'use strict';
var domain = require('domain');
var Cookies = require('cookies');
var onHeaders = require('on-headers');
var debug = require('debug')('AV:cookieSession');
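/**
 * Build the cookie-session middleware factory for a given AV SDK object.
 *
 * The returned factory takes `opts` and produces an Express/Connect style
 * middleware that:
 *   - reads the signed session cookie and, when it holds `_uid` and
 *     `_sessionToken`, calls `av.Cloud.logInByIdAndSessionToken` and stores
 *     the resulting user on `req.AV.user`;
 *   - on response headers, rewrites the cookie from `av.User.current()`
 *     (or clears it when there is no current user).
 *
 * Security notes:
 *   - The cookie value is base64-encoded JSON: it is signed (`opts.signed` is
 *     forced to true) but not encrypted, and it carries the session token.
 *   - `httpOnly` is forced to true. `secure` is NOT forced here, so callers
 *     serving over HTTPS should pass `secure: true` themselves.
 *   - `opts` is mutated in place (overwrite/httpOnly/signed are written to
 *     the caller's object).
 *
 * @param {Object} av SDK object exposing `User.current`, `User.logOut` and
 *   `Cloud.logInByIdAndSessionToken`.
 * @return {Function} factory `function(opts)` returning the middleware.
 *   Recognised options in this file: `name` (or legacy `key`), `keys`,
 *   `secret`, `overwrite`, `fetchUser`; the whole object is also handed to
 *   the `cookies` get/set calls.
 * @throws {Error} from the factory when neither `keys` nor `secret` is given.
 */
module.exports = function(av) {
  return function(opts) {
    opts = opts || {};

    // name - previously "opts.key"
    var name = opts.name || opts.key || 'avos:sess';

    // secrets
    var keys = opts.keys;
    if (!keys && opts.secret) {
      keys = [opts.secret];
    }

    // defaults
    // NOTE(review): any falsy value (including an explicit `false`) is
    // replaced by true, so `overwrite` is effectively always true.
    if (!opts.overwrite) {
      opts.overwrite = true;
    }
    opts.httpOnly = true;
    opts.signed = true;

    if (!keys && opts.signed) {
      throw new Error('.keys required for avos cookie sessions.');
    }

    // Never write signing material to the debug log: `keys` and `secret`
    // are what authenticate every session cookie.
    var loggableOpts = {};
    Object.keys(opts).forEach(function(optName) {
      var isSecret = optName === 'keys' || optName === 'secret';
      loggableOpts[optName] = isSecret ? '[redacted]' : opts[optName];
    });
    debug('session options %j', loggableOpts);

    return function cookieSession(req, res, next) {
      var cookieSetter = function() {
        var cookies = req.sessionCookies = new Cookies(req, res, keys);

        // to pass to Session()
        req.sessionOptions = opts;
        req.sessionKey = name;

        // Just before headers are sent, persist (or clear) the session
        // according to whoever is the current user at that moment.
        // NOTE(review): presumably av.User.current() is scoped per request
        // through the domain set up below - confirm against the SDK.
        onHeaders(res, function setHeaders() {
          var session = null;
          var user = av.User.current();
          if (user) {
            session = {
              _uid: user.id,
              _sessionToken: user._sessionToken
            };
          }
          if (!session) {
            debug('clear session');
            cookies.set(name, '', opts);
          } else {
            // Log the user id only; the session token is a credential and
            // must not end up in log output.
            debug('set session cookie, uid: %s', session._uid);
            cookies.set(name, encode(session), opts);
          }
        });

        var session = {};
        var json = cookies.get(name, opts);
        if (json) {
          // A payload that is not valid base64 JSON, or that decodes to a
          // non-object, is treated as "no session" instead of throwing out
          // of the middleware.
          try {
            session = decode(json);
          } catch (e) {
            debug('undecodable session cookie ignored: %s', e.message);
            session = {};
          }
          if (session === null || typeof session !== 'object') {
            session = {};
          }
        }

        var uid = session._uid;
        var sessionToken = session._sessionToken;
        req.AV = req.AV || {};

        if (uid && sessionToken) {
          av.Cloud.logInByIdAndSessionToken(uid, sessionToken, opts.fetchUser, function(err, user) {
            if (err) {
              // Rejected token: drop any logged-in state for this request.
              debug('sessionToken invalid, uid: %s', uid);
              av.User.logOut();
              delete req.AV.user;
            } else {
              req.AV.user = user;
            }
            return next();
          });
        } else {
          av.User.logOut();
          delete req.AV.user;
          return next();
        }
      };

      // Reuse an already active domain; otherwise create one and bind the
      // request and response to it before running the handler.
      if (process.domain) {
        return cookieSetter();
      }
      var d = domain.create();
      d.add(req);
      d.add(res);
      d.run(cookieSetter);
    };
  };
};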
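/**
 * Decode the base64 cookie value to an object.
 *
 * Uses `Buffer.from` instead of the deprecated `new Buffer(...)` constructor,
 * whose behaviour depends on the argument type. Non-string input is rejected
 * up front so that only text is ever handed to the base64 decoder.
 *
 * @param {String} string base64-encoded JSON text
 * @return {Object} the parsed JSON value
 * @throws {TypeError} when `string` is not a string
 * @throws {SyntaxError} when the decoded text is not valid JSON
 * @private
 */
function decode(string) {
  if (typeof string !== 'string') {
    throw new TypeError('session cookie value must be a string');
  }
  var body = Buffer.from(string, 'base64').toString('utf8');
  return JSON.parse(body);
}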
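/**
 * Encode an object into a base64-encoded JSON string.
 *
 * The result is an encoding only, not encryption: anyone holding the value
 * can read the serialized fields. Uses `Buffer.from` instead of the
 * deprecated `new Buffer(...)` constructor.
 *
 * @param {Object} body value to serialize with JSON.stringify
 * @return {String} base64 text of the UTF-8 JSON serialization
 * @private
 */
function encode(body) {
  var json = JSON.stringify(body);
  return Buffer.from(json, 'utf8').toString('base64');
}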
}).call(this);