ohm
Node.js Session Manager
;
var baseManager = include('infra/base-manager');
var session = require('express-session');
var SessionDataStore = include('models/SessionDataStore.js');
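// True when NODE_ENV is "production". Nothing below reads it.
// NOTE(review): presumably meant to gate production-only hardening (e.g. the
// cookie `secure` flag) - confirm and either wire it in or remove it.
var production = process.env.NODE_ENV === 'production';

var sessionManager = Object.assign({}, baseManager, {
  /**
   * Installs cookie parsing and express-session on the Express app, and makes
   * Socket.IO refuse any connection whose handshake does not carry a session
   * cookie that resolves to stored session data.
   *
   * @param {Object} nconf - Configuration provider; SOCKETIO_SESSION_SECRET and
   *   SESSION_KEY are read from it.
   * @param {Object} app - Express application to attach the middleware to.
   * @param {Object} io - Socket.IO server to attach the handshake check to.
   */
  configureCommon: function configureCommon(nconf, app, io) {
    // One secret signs the session cookie (express-session) and verifies it
    // again during the socket handshake (cookie-parser), so both must agree.
    // NOTE(review): nothing here checks that the secret is set; confirm that
    // startup fails elsewhere when SOCKETIO_SESSION_SECRET is missing.
    var sessionSecret = nconf.get('SOCKETIO_SESSION_SECRET');
    var sessionCookieName = nconf.get('SESSION_KEY');

    // 525600 minutes = 365 days, expressed in milliseconds.
    var sessionMaxAgeMs = 525600 * 60 * 1000;

    var ohmSessionDataStore = new SessionDataStore(nconf.get());
    var ohmCookieParser = require('cookie-parser')(sessionSecret);

    app.use(ohmCookieParser);
    app.use(session({
      secret: sessionSecret,
      resave: true,
      saveUninitialized: false,
      store: ohmSessionDataStore,
      cookie: {
        path: '/',
        httpOnly: true,
        // Use a relative lifetime. The previous absolute `expires` date was
        // computed once at configuration time, so every session issued by a
        // long-running process shared the same expiry and new cookies would be
        // born already expired once the process had been up for a year.
        maxAge: sessionMaxAgeMs
        // NOTE(review): `secure` and `sameSite` are not set, so the cookie is
        // also sent over plain HTTP and on cross-site requests. Enabling
        // `secure` behind a TLS-terminating proxy additionally requires
        // Express `trust proxy`; left unchanged here so deployments keep working.
      },
      key: sessionCookieName
    }));

    /////////////////////
    // Socket IO setup //
    /////////////////////
    // See:
    // 1. https://github.com/LearnBoost/socket.io/wiki/Authorizing
    // 2. http://stackoverflow.com/questions/11541835/
    // 3. https://github.com/senchalabs/connect/blob/master/lib/middleware/session.js

    /**
     * Resolves the session that belongs to a Socket.IO handshake request.
     *
     * @param {Object} handshake - The HTTP request that opened the socket.
     * @param {Function} callback - Node-style callback (err, sessionData).
     */
    var ensureAuthenticatedSocket = function ensureAuthenticatedSocket(handshake, callback) {
      ohmCookieParser(handshake, null, function (err) {
        var signedCookies;
        var sessionID;

        if (err) {
          return callback(err);
        }

        // cookie-parser leaves the entry undefined when the cookie is absent
        // or unsigned, and sets it to `false` when the signature does not
        // verify. Neither may reach the store as a lookup key.
        signedCookies = handshake.signedCookies || {};
        sessionID = signedCookies[sessionCookieName];
        if (typeof sessionID !== 'string' || sessionID.length === 0) {
          return callback(new Error('Missing or invalid session cookie'));
        }

        ohmSessionDataStore.get(sessionID, callback);
      });
    };

    io.use(function (socket, next) {
      var handshake = socket.request;
      ensureAuthenticatedSocket(handshake, function (err, sessionData) {
        if (!err && sessionData) {
          // Session found: expose it to later socket handlers.
          handshake.sessionData = sessionData;
          next();
        } else {
          // Fail closed with a generic message; the specific reason is not
          // sent to the client.
          next(new Error('Not authorized'));
        }
      });
    });
  }
});

module.exports = sessionManager;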