1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

add express-session memorystore without leaks (#1435)

* add express-session memorystore without leaks

* Bump memorystore to v1.6.0
This commit is contained in:
Rocco Musolino 2018-01-11 23:51:05 +01:00 committed by Nick O'Leary
parent bedb2d943e
commit 2c4d5fa38d
2 changed files with 13 additions and 7 deletions

View File

@ -47,6 +47,7 @@
"json-stringify-safe":"5.0.1", "json-stringify-safe":"5.0.1",
"jsonata":"1.3.0", "jsonata":"1.3.0",
"media-typer": "0.3.0", "media-typer": "0.3.0",
"memorystore": "1.6.0",
"mqtt": "2.9.0", "mqtt": "2.9.0",
"multer": "1.3.0", "multer": "1.3.0",
"mustache": "2.3.0", "mustache": "2.3.0",

View File

@ -150,14 +150,19 @@ module.exports = {
login: login, login: login,
revoke: revoke, revoke: revoke,
genericStrategy: function(adminApp,strategy) { genericStrategy: function(adminApp,strategy) {
var session = require('express-session'); var crypto = require("crypto")
var crypto = require("crypto"); var session = require('express-session')
var MemoryStore = require('memorystore')(session)
adminApp.use(session({ adminApp.use(session({
// As the session is only used across the life-span of an auth // As the session is only used across the life-span of an auth
// hand-shake, we can use a instance specific random string // hand-shake, we can use a instance specific random string
secret: crypto.randomBytes(20).toString('hex'), secret: crypto.randomBytes(20).toString('hex'),
resave: false, resave: false,
saveUninitialized:false saveUninitialized: false,
store: new MemoryStore({
checkPeriod: 86400000 // prune expired entries every 24h
})
})); }));
//TODO: all passport references ought to be in ./auth //TODO: all passport references ought to be in ./auth
adminApp.use(passport.initialize()); adminApp.use(passport.initialize());