há 7 anos atrás · c40e8ea50e
--- a/backend/config/template.json
+++ b/backend/config/template.json
@@ -42,6 +42,7 @@
 
				 	},
			
 
				   	"cookie": {
			
 
				 	  	"domain": "",
			
 
				-	  	"secure": false
			
 
				+	  	"secure": false,
			
 
				+	  	"sidName": "SID"
			
 
				 	}
			
 
				 }
			
--- a/backend/logic/app.js
+++ b/backend/logic/app.js
@@ -69,7 +69,7 @@ const lib = {
 
				 				`client_id=${config.get('apis.github.client')}`,
			
 
				 				`redirect_uri=${config.get('serverDomain')}/auth/github/authorize/callback`,
			
 
				 				`scope=user:email`,
			
 
				-				`state=${req.cookies.SID}`
			
 
				+				`state=${req.cookies[config.cookie.sidName]}`
			
 
				 			].join('&');
			
 
				 			res.redirect(`https://github.com/login/oauth/authorize?${params}`);
			
 
				 		});
			
@@ -193,7 +193,7 @@ const lib = {
 
				 					if (err) return redirectOnErr(res, err.message);
			
 
				 					let date = new Date();
			
 
				 					date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
			
 
				-					res.cookie('SID', sessionId, {
			
 
				+					res.cookie(config.cookie.sidName, sessionId, {
			
 
				 						expires: date,
			
 
				 						secure: config.get("cookie.secure"),
			
 
				 						path: "/",
			
--- a/backend/logic/io.js
+++ b/backend/logic/io.js
@@ -5,6 +5,7 @@
 
				 const app = require('./app');
			
 
				 const actions = require('./actions');
			
 
				 const async = require('async');
			
 
				+const config = require('config');
			
 
				 const cache = require('./cache');
			
 
				 const utils = require('./utils');
			
 
				 const db = require('./db');
			
@@ -25,7 +26,7 @@ module.exports = {
 
				 		this.io.use((socket, next) => {
			
 
				 			if (lockdown) return;
			
 
				 			let cookies = socket.request.headers.cookie;
			
 
				-			let SID = utils.cookies.parseCookies(cookies).SID;
			
 
				+			let SID = utils.cookies.parseCookies(cookies)[config.cookie.sidName];
			
 
				 
			
 
				 			socket.ip = socket.request.headers['x-forwarded-for'] || '0.0.0.0';
			
 
				 
			
--- a/frontend/app/js/views/Auth/Login.jsx
+++ b/frontend/app/js/views/Auth/Login.jsx
@@ -26,7 +26,7 @@ export default class Login extends Component {
 
				 						const secure = (config.cookie.secure) ? "secure=true; " : "";
			
 
				 						let domain = "";
			
 
				 						if (config.cookie.domain !== "localhost") domain = ` domain=${ config.cookie.domain };`;
			
 
				-						document.cookie = `SID=${ res.SID }; expires=${ date.toGMTString() }; ${ domain }${ secure }path=/`;
			
 
				+						document.cookie = `${ config.cookie.sidName }=${ res.SID }; expires=${ date.toGMTString() }; ${ domain }${ secure }path=/`;
			
 
				 						location.reload(); // if we could avoid this, then that would be better
			
 
				 					} else {
			
 
				 						this.errors.addError(res.message);
			
--- a/frontend/app/js/views/Auth/Register.jsx
+++ b/frontend/app/js/views/Auth/Register.jsx
@@ -35,7 +35,7 @@ export default class Register extends Component {
 
				 							const date = new Date();
			
 
				 							date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
			
 
				 							const secure = (config.cookie.secure) ? "secure=true; " : "";
			
 
				-							document.cookie = `SID=${ res.SID }; expires=${ date.toGMTString() }; domain=${ config.cookie.domain }; ${ secure }path=/`;
			
 
				+							document.cookie = `${ config.cookie.sidName }=${ res.SID }; expires=${ date.toGMTString() }; domain=${ config.cookie.domain }; ${ secure }path=/`;
			
 
				 							location.reload(); // if we could avoid this, then that would be better
			
 
				 						} else {
			
 
				 							// redirect to login
			
--- a/frontend/config/template.js
+++ b/frontend/config/template.js
@@ -5,6 +5,7 @@ export default {
 
				   	"serverDomain": "",
			
 
				   	"cookie": {
			
 
				 		"domain": "",
			
 
				-		"secure": false
			
 
				+		"secure": false,
			
 
				+		"sidName": "SID",
			
 
				 	}
			
 
				 }