webaccess: Simplify Express and express-session setup

pull/4383/head
Richard Hansen 2020-10-03 15:21:50 -04:00 committed by John McLear
parent 275e5c31c8
commit b68969fbac
2 changed files with 11 additions and 21 deletions

View File

@ -49,8 +49,8 @@ exports.expressCreateServer = function (hook_name, args, cb) {
// check whether the user has authenticated, then any random person on the Internet can read,
// modify, or create any pad (unless the pad is password protected or an HTTP API session is
// required).
const cookieParserFn = util.promisify(cookieParser(webaccess.secret, {}));
const getSession = util.promisify(args.app.sessionStore.get).bind(args.app.sessionStore);
const cookieParserFn = util.promisify(cookieParser(settings.sessionKey, {}));
const getSession = util.promisify(webaccess.sessionStore.get).bind(webaccess.sessionStore);
io.use(async (socket, next) => {
const req = socket.request;
if (!req.headers.cookie) {

View File

@ -199,17 +199,12 @@ exports.checkAccess = (req, res, next) => {
step1PreAuthorize();
};
exports.secret = null;
exports.expressConfigure = (hook_name, args, cb) => {
// Measure response time
args.app.use((req, res, next) => {
const stopWatch = stats.timer('httpRequests').start();
const sendFn = res.send;
res.send = function() { // function, not arrow, due to use of 'arguments'
stopWatch.end();
sendFn.apply(res, arguments);
};
const sendFn = res.send.bind(res);
res.send = (...args) => { stopWatch.end(); sendFn(...args); };
next();
});
@ -224,22 +219,17 @@ exports.expressConfigure = (hook_name, args, cb) => {
}));
}
/* Do not let express create the session, so that we can retain a
* reference to it for socket.io to use. Also, set the key (cookie
* name) to a javascript identifier compatible string. Makes code
* handling it cleaner :) */
if (!exports.sessionStore) {
// Do not let express create the session, so that we can retain a reference to it for socket.io to
// use.
exports.sessionStore = new ueberStore();
exports.secret = settings.sessionKey;
}
args.app.sessionStore = exports.sessionStore;
args.app.use(sessionModule({
secret: exports.secret,
store: args.app.sessionStore,
secret: settings.sessionKey,
store: exports.sessionStore,
resave: false,
saveUninitialized: true,
// Set the cookie name to a javascript identifier compatible string. Makes code handling it
// cleaner :)
name: 'express_sid',
proxy: true,
cookie: {