public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Set secret on cookieParser (migrate to express v3)

pull/1020/head
Marcel Klehr 2012-09-22 14:05:41 +02:00
parent 71579d1478
commit 794c3d1afe
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/node/hooks/express/webaccess.js
View File

@ -96,8 +96,6 @@ exports.expressConfigure = function (hook_name, args, cb) {
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR")) if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
args.app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'})); args.app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'}));
args.app.use(express.cookieParser());
/* Do not let express create the session, so that we can retain a /* Do not let express create the session, so that we can retain a
* reference to it for socket.io to use. Also, set the key (cookie * reference to it for socket.io to use. Also, set the key (cookie
* name) to a javascript identifier compatible string. Makes code * name) to a javascript identifier compatible string. Makes code
@ -108,10 +106,11 @@ exports.expressConfigure = function (hook_name, args, cb) {
secret = randomString(32); secret = randomString(32);
} }
args.app.use(express.cookieParser(secret));
args.app.sessionStore = exports.sessionStore; args.app.sessionStore = exports.sessionStore;
args.app.use(express.session({store: args.app.sessionStore, args.app.use(express.session({store: args.app.sessionStore,
key: 'express_sid', key: 'express_sid' }));
secret: secret}));
args.app.use(exports.basicAuth); args.app.use(exports.basicAuth);
} }