Set secret on cookieParser (migrate to express v3)

pull/1020/head
Marcel Klehr 2012-09-22 14:05:41 +02:00
parent 71579d1478
commit 794c3d1afe
1 changed files with 3 additions and 4 deletions

View File

@ -96,8 +96,6 @@ exports.expressConfigure = function (hook_name, args, cb) {
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
args.app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'}));
args.app.use(express.cookieParser());
/* Do not let express create the session, so that we can retain a
* reference to it for socket.io to use. Also, set the key (cookie
* name) to a javascript identifier compatible string. Makes code
@ -108,10 +106,11 @@ exports.expressConfigure = function (hook_name, args, cb) {
secret = randomString(32);
}
args.app.use(express.cookieParser(secret));
args.app.sessionStore = exports.sessionStore;
args.app.use(express.session({store: args.app.sessionStore,
key: 'express_sid',
secret: secret}));
key: 'express_sid' }));
args.app.use(exports.basicAuth);
}