mirror of
https://github.com/node-red/node-red.git
synced 2023-10-10 13:36:53 +02:00
add express-session memorystore without leaks (#1435)
* add express-session memorystore without leaks * Bump memorystore to v1.6.0
This commit is contained in:
parent
bedb2d943e
commit
2c4d5fa38d
@ -47,6 +47,7 @@
|
||||
"json-stringify-safe":"5.0.1",
|
||||
"jsonata":"1.3.0",
|
||||
"media-typer": "0.3.0",
|
||||
"memorystore": "1.6.0",
|
||||
"mqtt": "2.9.0",
|
||||
"multer": "1.3.0",
|
||||
"mustache": "2.3.0",
|
||||
|
@ -150,14 +150,19 @@ module.exports = {
|
||||
login: login,
|
||||
revoke: revoke,
|
||||
genericStrategy: function(adminApp,strategy) {
|
||||
var session = require('express-session');
|
||||
var crypto = require("crypto");
|
||||
var crypto = require("crypto")
|
||||
var session = require('express-session')
|
||||
var MemoryStore = require('memorystore')(session)
|
||||
|
||||
adminApp.use(session({
|
||||
// As the session is only used across the life-span of an auth
|
||||
// hand-shake, we can use a instance specific random string
|
||||
secret: crypto.randomBytes(20).toString('hex'),
|
||||
resave: false,
|
||||
saveUninitialized:false
|
||||
saveUninitialized: false,
|
||||
store: new MemoryStore({
|
||||
checkPeriod: 86400000 // prune expired entries every 24h
|
||||
})
|
||||
}));
|
||||
//TODO: all passport references ought to be in ./auth
|
||||
adminApp.use(passport.initialize());
|
||||
|
Loading…
Reference in New Issue
Block a user