Esempio n. 1
/**
 * Build an EditorChannel wired to a fresh Flux dispatcher and connect it to
 * the host/port of the current page.
 *
 * The connection carries a `Cookie` header holding a `vs070` session value
 * that is encoded right here with `secrets.sessionSecret` for a synthetic
 * user id ('test1234' plus four digits taken from the current timestamp).
 *
 * NOTE(review): this mints a session cookie with the server's signing secret
 * on the caller's side. That looks like a test harness - confirm that
 * `secrets.sessionSecret` is never shipped in a browser bundle, since anyone
 * holding it can mint sessions for arbitrary user ids.
 *
 * @param {string} channelName - channel to join once the channel is ready; a
 *   falsy value skips the join.
 * @param {*} lastEditSeen - stored on the channel when it becomes ready.
 * @returns {EditorChannel} the channel, with its dispatcher exposed as
 *   `chan.dispatcher`.
 */
function createClient(channelName, lastEditSeen) {
	var dispatcher = new Flux.Dispatcher();
	var chan = new EditorChannel(dispatcher);

	// NOTE(review): an empty port falls back to 80 whatever the page scheme is.
	var wsHost = window.location.hostname;
	var wsPort = window.location.port || 80;

	var sessionOptions = {
		cookieName: 'vs070',
		secret: secrets.sessionSecret,
		duration: 4100421,
		activeDuration: 190248
	};
	var sessionContent = {
		userId: new mongoose.Types.ObjectId('test1234' + String(Date.now()).substring(8, 12))
	};
	var cookieHeader = 'vs070=' + session.util.encode(sessionOptions, sessionContent);

	var connection = chan.connect(wsHost, wsPort, {
		headers: {
			'Cookie': cookieHeader
		}
	});

	connection.on('ready', function() {
		chan.lastEditSeen = lastEditSeen;

		if (channelName) {
			chan.join(channelName, channelName);
		}
	});

	chan.dispatcher = dispatcher;

	return chan;
}
Esempio n. 2
/**
 * Validate the token carried in `data.token` and expose its payload.
 *
 * The token is decoded with the options held in `this._token`; it is rejected
 * when missing, when decoding yields nothing, or when
 * `createdAt + duration` is not in the future. On success the decoded payload
 * is copied to `data.content`.
 *
 * NOTE(review): every error carries the whole `data` object (raw token
 * included) in `error._`. Make sure downstream error handlers do not log or
 * serialise that property back to a client.
 *
 * @param {Object} options - not read by this handler.
 * @param {Object} data - must carry `token`; receives `content` on success.
 * @param {Function} next - node-style callback `(error, data)`.
 */
exports.validate = function (options, data, next) {

    // Build the error in one place so each failure carries the same context.
    function reject(message) {
        var error = new Error(message);
        error._ = data;
        return next(error);
    }

    if (!data.token) {
        return reject('Flow-auth.token.validate: No token found.');
    }

    // A falsy decode result is treated as a token that failed verification.
    var token = sessions.util.decode(this._token, data.token);
    if (!token) {
        return reject('Flow-auth.token.validate: Invalid.');
    }

    // The lifetime is taken from the decoded token itself.
    var expiresAt = token.createdAt + token.duration;
    var now = new Date().getTime();
    if (expiresAt <= now) {
        return reject('Flow-auth.token.validate: Expired.');
    }

    data.content = token.content;

    next(null, data);
};
Esempio n. 3
/**
 * Encode `data.content` into a token and store it on `data.token`.
 *
 * Encoding uses the options held in `this._token`, and the token lifetime is
 * `this._token.duration`.
 *
 * NOTE(review): the error carries the whole `data` object in `error._`;
 * confirm that error handlers do not log or return it verbatim.
 *
 * @param {Object} options - not read by this handler.
 * @param {Object} data - must carry `content`; receives `token` on success.
 * @param {Function} next - node-style callback `(error, data)`.
 */
exports.create = function (options, data, next) {

    var payload = data.content;

    if (!payload) {
        var error = new Error('Flow-auth.token.create: No token content.');
        error._ = data;
        return next(error);
    }

    var tokenOptions = this._token;
    data.token = sessions.util.encode(tokenOptions, payload, tokenOptions.duration);
    next(null, data);
};
Esempio n. 4
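	/**
	 * Handshake middleware for the '/private' namespace.
	 *
	 * Requires a Cookie header containing a 'session' cookie, decodes it with
	 * `server.cookieSecret`, and - when the session carries a passport entry -
	 * loads that user and registers it through `authentication.setCurrentUser`.
	 *
	 * A cookie that fails to decode is rejected with 'Wrong session.' before the
	 * decoded value is dereferenced, so a tampered or expired cookie ends in a
	 * clean handshake error instead of a TypeError inside the middleware. The
	 * former check sat after the dereference and after the asynchronous lookup
	 * had started, where it could never fire.
	 */
	server.io.of('/private').use(function(socket, next) {
		var handshakeData = socket.request;

		// Check that the cookie header is present
		if (!handshakeData.headers.cookie) {
			return next(new Error('No cookie transmitted.'));
		}

		// Get all the cookie objects
		var cookie = parseCookie(handshakeData.headers.cookie);
		if (!cookie['session']) {
			var missingSession = new Error('No session provided.');
			log.error(missingSession);
			return next(missingSession);
		}

		// Decode the session cookie; a falsy result means it did not verify.
		var session = sessions.util.decode({
			cookieName: 'session',
			secret: server.cookieSecret
		}, cookie['session']);
		handshakeData.sessionID = session;

		if (!session || !session.content) {
			return next(new Error('Wrong session.'));
		}

		if (session.content.passport === undefined) {
			// NOTE(review): a valid session without a passport entry is admitted to
			// '/private' without any user lookup. Confirm that anonymous access to
			// this namespace is intended.
			return next();
		}

		var user = session.content.passport.user;
		authentication.getUserById(user, function(err, data) {
			if (err) {
				var lookupError = new Error(err);
				log.error(lookupError);
				return next(lookupError);
			}

			// NOTE(review): setCurrentUser looks like shared, module-level state. If
			// so, concurrent handshakes overwrite each other's user - consider
			// storing the user on the socket instead. Verify against `authentication`.
			authentication.setCurrentUser(data);
			next();
		});
	});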
Esempio n. 5
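	/**
	 * Extract and decode the `vs070` session cookie from the enclosing
	 * request's Cookie header.
	 *
	 * The cookie name is matched only at the start of the header or directly
	 * after a `;` separator. Without that anchor a cookie whose name merely ends
	 * in "vs070" (for example `xvs070=...`) would be picked up first and decoded
	 * in place of the real session cookie.
	 *
	 * `req`, `week`, `day`, `secrets` and `sessions` come from the enclosing
	 * scope, which is not part of this excerpt.
	 *
	 * @returns {Object|undefined} whatever `sessions.util.decode` returns, or
	 *   `undefined` when the header or the cookie is absent.
	 */
	function parseCookie() {
		var header = req.headers.cookie;

		if (!header) {
			return;
		}

		// Group 1 is the cookie value, cut at the next `;` or whitespace.
		var headerMatch = header.match(/(?:^|;)\s*vs070=([^;\s]*)/);

		if (!headerMatch) {
			return;
		}

		var sessionCookie = headerMatch[1];

		return sessions.util.decode({
			cookieName: 'vs070',
			cookie: {
				domain: process.env.FQDN,
			},
			secret: secrets.sessionSecret,
			duration: week,
			activeDuration: day
		}, sessionCookie);
	}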
Esempio n. 6
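	/**
	 * Handler for the 'code' socket event: re-checks the caller on every message
	 * and, when the payload has an `rt` field, passes it to
	 * `machine.executeRuntimeCode`.
	 *
	 * Hardened against client-controlled input:
	 *  - a missing Cookie header, a missing 'session' cookie or a cookie that
	 *    fails to decode is treated as an authentication failure instead of
	 *    throwing inside the handler;
	 *  - a payload that is not an object is ignored instead of throwing on the
	 *    `in` operator.
	 */
	socket.on('code', function(data) {
		var handshakeData = socket.request;
		var cookieHeader = handshakeData.headers.cookie;
		var cookie = cookieHeader ? parseCookie(cookieHeader) : null;
		var rawSession = cookie ? cookie['session'] : undefined;

		handshakeData.sessionID = rawSession ? sessions.util.decode({
			cookieName: 'session',
			secret: server.cookieSecret
		}, rawSession) : undefined;

		// NOTE(review): `userId` is not defined in this excerpt and the session
		// decoded above is never compared with the current user. Confirm that this
		// check binds to the socket's own session rather than to process-wide state.
		var currentUser = authentication.getCurrentUser();
		if (!handshakeData.sessionID || !currentUser || currentUser.username != userId) {
			log.error(userId);
			log.error(currentUser);
			socket.emit('authentication_failed','not authenticated');
			return socket.disconnect();
		} // make sure that if the user logout, he can't talk through the socket anymore.

		// `data` arrives from the client; only objects can carry an `rt` field.
		if (data !== null && typeof data === 'object' && 'rt' in data) {
			try {
				// NOTE(review): data.rt and data.data are client-supplied. Verify that
				// executeRuntimeCode validates or sandboxes what it is given.
				machine.executeRuntimeCode(data.rt, data.data);
			} catch(e) {
				log.error(e);
			}
		}
	});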
Esempio n. 7
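 /**
  * Return the content of the `session` cookie found in a Cookie header.
  *
  * The captured value stops at `;` as well as at whitespace, so the separator
  * that follows the cookie is not handed to the decoder. A cookie that fails
  * to decode yields `null` instead of a TypeError on `.content`.
  *
  * @param {string} cookie - raw Cookie header value.
  * @returns {*} the decoded session content, or `null` when the cookie is
  *   absent or does not decode.
  */
 let getUserInfo = function(cookie) {
   let matchCookie = /(?:[;\s]|^)session=([^;\s]+)/.exec(cookie);
   if (!matchCookie) return null; // Session cookie not set

   // decode() gives a falsy result for a cookie that fails verification.
   let session = clientSessions.util.decode(UserSecurity.getSessionOptions(), matchCookie[1]);
   return session ? session.content : null;
 };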
Esempio n. 8
/**
 * Encode `contents` into a session cookie value using the module's `options`.
 *
 * When `contents` has no truthy `_csrf`, the fixed value 'test' is written
 * onto the caller's object before encoding.
 *
 * NOTE(review): the constant CSRF value suggests a test fixture - confirm this
 * helper is not reachable from production code paths.
 *
 * @param {Object} contents - session payload; may be mutated (see above).
 * @returns {*} the result of `clientSessions.util.encode`.
 */
module.exports = function cookie(contents) {
  var missingCsrf = !contents._csrf;
  if (missingCsrf) {
    contents._csrf = 'test';
  }

  var encoded = clientSessions.util.encode(options, contents);
  return encoded;
};