Merge pull request #4718 from node-red/4717-add-httpAdminCookieOptions

Add httpAdminCookieOptions
Nick O'Leary 2024-05-28 10:15:46 +01:00 committed by GitHub
commit 7bd61f2c96
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 29 additions and 13 deletions


@ -160,20 +160,30 @@ function completeVerify(profile,done) {
function genericStrategy(adminApp,strategy) { function genericStrategy(adminApp,strategy) {
var crypto = require("crypto") const crypto = require("crypto")
var session = require('express-session') const session = require('express-session')
var MemoryStore = require('memorystore')(session) const MemoryStore = require('memorystore')(session)
adminApp.use(session({ const sessionOptions = {
// As the session is only used across the life-span of an auth // As the session is only used across the life-span of an auth
// hand-shake, we can use a instance specific random string // hand-shake, we can use a instance specific random string
secret: crypto.randomBytes(20).toString('hex'), secret: crypto.randomBytes(20).toString('hex'),
resave: false, resave: false,
saveUninitialized: false, saveUninitialized: false,
store: new MemoryStore({ store: new MemoryStore({
checkPeriod: 86400000 // prune expired entries every 24h checkPeriod: 86400000 // prune expired entries every 24h
}) })
})); }
if (settings.httpAdminCookieOptions) {
sessionOptions.cookie = {
path: '/',
httpOnly: true,
secure: false,
maxAge: null,
...settings.httpAdminCookieOptions
}
}
adminApp.use(session(sessionOptions));
//TODO: all passport references ought to be in ./auth //TODO: all passport references ought to be in ./auth
adminApp.use(passport.initialize()); adminApp.use(passport.initialize());
adminApp.use(passport.session()); adminApp.use(passport.session());
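Review bot: The cookie defaults merged under `settings.httpAdminCookieOptions` in `genericStrategy` keep `secure: false` and set no `sameSite`, so an operator who supplies the option only to change, say, `maxAge` still gets an admin session cookie that is also sent over plain HTTP. These values look like a copy of the express-session defaults, so a comment above the object would make both the intent and the hardening step explicit, e.g. `// Defaults mirror express-session; over HTTPS set secure: true (behind a TLS-terminating proxy this also needs 'trust proxy', or the cookie is not set)`. The spread also accepts any truthy value, so a guard such as `if (settings.httpAdminCookieOptions && typeof settings.httpAdminCookieOptions === 'object') {` would keep a mistyped string setting from being spread into index-keyed cookie fields. The body of `genericStrategy` continues beyond this hunk.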


@ -133,6 +133,7 @@ module.exports = {
* - httpServerOptions * - httpServerOptions
* - httpAdminRoot * - httpAdminRoot
* - httpAdminMiddleware * - httpAdminMiddleware
* - httpAdminCookieOptions
* - httpNodeRoot * - httpNodeRoot
* - httpNodeCors * - httpNodeCors
* - httpNodeMiddleware * - httpNodeMiddleware
@ -178,6 +179,11 @@ module.exports = {
// next(); // next();
// }, // },
/** The following property can be used to set addition options on the session
* cookie used as part of adminAuth authentication system
* Available options are documented here: https://www.npmjs.com/package/express-session#cookie
*/
// httpAdminCookieOptions: { },
/** Some nodes, such as HTTP In, can be used to listen for incoming http requests. /** Some nodes, such as HTTP In, can be used to listen for incoming http requests.
* By default, these are served relative to '/'. The following property * By default, these are served relative to '/'. The following property