module.exports.get_xsrf_token = function (req, res) {
uid_safe(50)
.then(function (uid) {
res.cookie('XSRF-TOKEN', uid, {httpOnly: false});
req.session['XSRF-TOKEN'] = uid;
res.status(200).end();
})
.catch(function () {
res.status(500).end();
});
};
module.exports = function (req, res, next) {
// 为每个请求生成uid
uid(24, function (err, id) {
if (err) {
return next(err);
}
req.uid = id;
// 需要前后端同步的数据
res.syncData = {};
// 本次请求附加的静态模版变量
res.templateData = {};
res.set('X-Powered-By', 'Rebas');
next();
});
};
"use strict";function Tokens(e){if(!(this instanceof Tokens))return new Tokens(e);var n=e||{},t=void 0!==n.saltLength?n.saltLength:8;if("number"!=typeof t||!isFinite(t)||1>t)throw new TypeError("option saltLength must be finite number > 1");var r=void 0!==n.secretLength?n.secretLength:18;if("number"!=typeof r||!isFinite(r)||1>r)throw new TypeError("option secretLength must be finite number > 1");this.saltLength=t,this.secretLength=r}var rndm=require("rndm"),scmp=require("scmp"),uid=require("uid-safe"),crypto=require("crypto"),escape=require("base64-url").escape;module.exports=Tokens,Tokens.prototype.create=function(e){if(!e||"string"!=typeof e)throw new TypeError("argument secret is required");return this._tokenize(e,rndm(this.saltLength))},Tokens.prototype.secret=function(e){return uid(this.secretLength,e)},Tokens.prototype.secretSync=function(){return uid.sync(this.secretLength)},Tokens.prototype._tokenize=function(e,n){var t=crypto.createHash("sha1").update(n+"-"+e,"ascii").digest("base64");return escape(n+"-"+t)},Tokens.prototype.verify=function(e,n){if(!e||"string"!=typeof e)return!1;if(!n||"string"!=typeof n)return!1;var t=n.indexOf("-");if(-1===t)return!1;var r=n.substr(0,t),i=this._tokenize(e,r);return scmp(n,i)};
secret: function secret(cb) {
return uid(secretLength, cb)
},