浏览代码

Made SID cookie name configurable in config.

KrisVos130 8 年之前
父节点
当前提交
c40e8ea50e

+ 2 - 1
backend/config/template.json

@@ -42,6 +42,7 @@
 	},
 	},
   	"cookie": {
   	"cookie": {
 	  	"domain": "",
 	  	"domain": "",
-	  	"secure": false
+	  	"secure": false,
+	  	"sidName": "SID"
 	}
 	}
 }
 }

+ 2 - 2
backend/logic/app.js

@@ -69,7 +69,7 @@ const lib = {
 				`client_id=${config.get('apis.github.client')}`,
 				`client_id=${config.get('apis.github.client')}`,
 				`redirect_uri=${config.get('serverDomain')}/auth/github/authorize/callback`,
 				`redirect_uri=${config.get('serverDomain')}/auth/github/authorize/callback`,
 				`scope=user:email`,
 				`scope=user:email`,
-				`state=${req.cookies.SID}`
+				`state=${req.cookies[config.cookie.sidName]}`
 			].join('&');
 			].join('&');
 			res.redirect(`https://github.com/login/oauth/authorize?${params}`);
 			res.redirect(`https://github.com/login/oauth/authorize?${params}`);
 		});
 		});
@@ -193,7 +193,7 @@ const lib = {
 					if (err) return redirectOnErr(res, err.message);
 					if (err) return redirectOnErr(res, err.message);
 					let date = new Date();
 					let date = new Date();
 					date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
 					date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
-					res.cookie('SID', sessionId, {
+					res.cookie(config.cookie.sidName, sessionId, {
 						expires: date,
 						expires: date,
 						secure: config.get("cookie.secure"),
 						secure: config.get("cookie.secure"),
 						path: "/",
 						path: "/",

+ 2 - 1
backend/logic/io.js

@@ -5,6 +5,7 @@
 const app = require('./app');
 const app = require('./app');
 const actions = require('./actions');
 const actions = require('./actions');
 const async = require('async');
 const async = require('async');
+const config = require('config');
 const cache = require('./cache');
 const cache = require('./cache');
 const utils = require('./utils');
 const utils = require('./utils');
 const db = require('./db');
 const db = require('./db');
@@ -25,7 +26,7 @@ module.exports = {
 		this.io.use((socket, next) => {
 		this.io.use((socket, next) => {
 			if (lockdown) return;
 			if (lockdown) return;
 			let cookies = socket.request.headers.cookie;
 			let cookies = socket.request.headers.cookie;
-			let SID = utils.cookies.parseCookies(cookies).SID;
+			let SID = utils.cookies.parseCookies(cookies)[config.cookie.sidName];
 
 
 			socket.ip = socket.request.headers['x-forwarded-for'] || '0.0.0.0';
 			socket.ip = socket.request.headers['x-forwarded-for'] || '0.0.0.0';
 
 

+ 1 - 1
frontend/app/js/views/Auth/Login.jsx

@@ -26,7 +26,7 @@ export default class Login extends Component {
 						const secure = (config.cookie.secure) ? "secure=true; " : "";
 						const secure = (config.cookie.secure) ? "secure=true; " : "";
 						let domain = "";
 						let domain = "";
 						if (config.cookie.domain !== "localhost") domain = ` domain=${ config.cookie.domain };`;
 						if (config.cookie.domain !== "localhost") domain = ` domain=${ config.cookie.domain };`;
-						document.cookie = `SID=${ res.SID }; expires=${ date.toGMTString() }; ${ domain }${ secure }path=/`;
+						document.cookie = `${ config.cookie.sidName }=${ res.SID }; expires=${ date.toGMTString() }; ${ domain }${ secure }path=/`;
 						location.reload(); // if we could avoid this, then that would be better
 						location.reload(); // if we could avoid this, then that would be better
 					} else {
 					} else {
 						this.errors.addError(res.message);
 						this.errors.addError(res.message);

+ 1 - 1
frontend/app/js/views/Auth/Register.jsx

@@ -35,7 +35,7 @@ export default class Register extends Component {
 							const date = new Date();
 							const date = new Date();
 							date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
 							date.setTime(new Date().getTime() + (2 * 365 * 24 * 60 * 60 * 1000));
 							const secure = (config.cookie.secure) ? "secure=true; " : "";
 							const secure = (config.cookie.secure) ? "secure=true; " : "";
-							document.cookie = `SID=${ res.SID }; expires=${ date.toGMTString() }; domain=${ config.cookie.domain }; ${ secure }path=/`;
+							document.cookie = `${ config.cookie.sidName }=${ res.SID }; expires=${ date.toGMTString() }; domain=${ config.cookie.domain }; ${ secure }path=/`;
 							location.reload(); // if we could avoid this, then that would be better
 							location.reload(); // if we could avoid this, then that would be better
 						} else {
 						} else {
 							// redirect to login
 							// redirect to login

+ 2 - 1
frontend/config/template.js

@@ -5,6 +5,7 @@ export default {
   	"serverDomain": "",
   	"serverDomain": "",
   	"cookie": {
   	"cookie": {
 		"domain": "",
 		"domain": "",
-		"secure": false
+		"secure": false,
+		"sidName": "SID",
 	}
 	}
 }
 }