Created
July 5, 2016 13:53
Workaround for voxpelli/node-connect-pg-simple Session not set immediately after login #31
/*jslint node: true */ | |
'use strict'; | |
var config = require('./config'); | |
var db = require('./' + config.db.type); | |
var express = require('express'); | |
var passport = require('passport'); | |
var site = require('./site'); | |
var oauth2 = require('./oauth2'); | |
var user = require('./user'); | |
var client = require('./client'); | |
var token = require('./token'); | |
var diags = require('./diagnostics'); | |
var http = require('http'); | |
var cookieParser = require('cookie-parser'); | |
var bodyParser = require('body-parser'); | |
var fs = require('fs'); | |
var expressSession = require("express-session"); | |
var path = require('path'); | |
var password = require('password-hash-and-salt'); | |
var _ = require('underscore'); | |
// Select the session store backend named by config.session.type.
// Each backend module is required only inside its own branch; an
// unrecognised type aborts start-up with an explicit error.
var sessionStorage;
switch (config.session.type) {
  case 'MongoStore':
    var MongoStore = require('connect-mongo')({ session: expressSession });
    console.log('Using MongoDB for the Session');
    sessionStorage = new MongoStore({
      db: config.session.dbName
    });
    break;

  case 'MemoryStore':
    // NOTE(review): express-session documents MemoryStore as a
    // development/debugging store; sessions live in this process only.
    var MemoryStore = expressSession.MemoryStore;
    console.log('Using MemoryStore for the Session');
    sessionStorage = new MemoryStore();
    break;

  case 'PostgreStore':
    var pgSession = require('connect-pg-simple')(expressSession);
    console.log('Using PostgreSQL for the Session');
    sessionStorage = new pgSession({
      conString: config.db.connection,
      tableName: config.session.tableName
    });
    break;

  default:
    // No store matches the configured type, so fail fast.
    throw new Error("Within config/index.js the session.type is unknown: " + config.session.type);
}
// Load the data store module named by config.db.type, announce which one
// is in use, and reject any type this file does not know about.
// NOTE(review): the module path is built from config.db.type and is
// required before the type is checked against the known values, so the
// config file must be treated as trusted deployment input.
var db = require('./' + config.db.type);
var dataStoreBanners = {
  mongodb: 'Using MongoDB for the data store',
  db: 'Using MemoryStore for the data store',
  postgres: 'Using PostgreSQL for the data store'
};
// hasOwnProperty keeps inherited keys such as "constructor" from passing as a known type.
if (!Object.prototype.hasOwnProperty.call(dataStoreBanners, config.db.type)) {
  throw new Error("Within config/index.js the db.type is unknown: " + config.db.type);
}
console.log(dataStoreBanners[config.db.type]);
// Express application: EJS views, cookie parsing, then the session layer.
var app = express();
app.set('view engine', 'ejs');
app.use(cookieParser());

// Session configuration, backed by the store selected above.
// NOTE(review): saveUninitialized: true persists a session record for every
// visitor, including unauthenticated ones; confirm that is intended.
// NOTE(review): the cookie only sets maxAge here. No `secure` or `sameSite`
// attribute is configured, so the session cookie relies on the library
// defaults; confirm against the deployment (TLS appears to be terminated
// upstream, judging by the x-forwarded-proto check later in this file).
var sessionOptions = {
  saveUninitialized: true,
  resave: false,
  secret: config.session.secret,
  store: sessionStorage,
  key: "authorization.sid",
  cookie: { maxAge: config.session.maxAge }
};
app.use(expressSession(sessionOptions));
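// Workaround (admittedly an ugly hack): re-read the session straight from the
// session store on every request and populate req.user from it. This
// duplicates what Passport's own deserialisation does, but it reads the value
// through req.sessionStore.get() instead of relying on req.session, and it
// finishes before the rest of the middleware chain runs. Ideally this would
// be fixed upstream; the author attributes the problem to express-session
// reads being asynchronous.
//
// Errors from the session store or from the user lookup are forwarded to
// Express error handling instead of being silently treated as "no user".
app.use(function (req, res, next) {
  req.sessionStore.get(req.sessionID, function (storeErr, storedSession) {
    if (storeErr) {
      return next(storeErr);
    }

    // The serialised Passport user key, if this session has one.
    var userKey = storedSession && storedSession.passport && storedSession.passport.user;
    if (!userKey) {
      return next();
    }

    db.users.find(userKey, function (findErr, foundUser) {
      if (findErr) {
        return next(findErr);
      }
      req.user = foundUser;
      next();
    });
  });
});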
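// Parse URL-encoded form bodies and JSON bodies.
app.use(bodyParser.urlencoded({ extended: true }));
app.use(bodyParser.json());

// Redirect requests that the fronting proxy reports as non-HTTPS, except for
// the paths listed in config.allowedNonSecurePaths.
//
// The redirect now ends request handling. Previously the code fell through to
// next() after res.redirect(), so the plain-HTTP request was still processed
// by the routes below (and a second response was attempted).
//
// NOTE(review): a request with no x-forwarded-proto header is let through
// unchanged, and the header is only trustworthy if the proxy in front of this
// app always overwrites it; confirm against the deployment.
// NOTE(review): the redirect target uses req.hostname, which is derived from
// the request's Host header; a configured canonical host would avoid
// reflecting a client-supplied value.
app.use(function (req, res, next) {
  if (_.contains(config.allowedNonSecurePaths, req.path.toLowerCase())) {
    return next();
  }

  var forwardedProto = req.headers['x-forwarded-proto'];
  if (forwardedProto && forwardedProto !== 'https') {
    return res.redirect('https://' + req.hostname + req.url);
  }

  return next();
});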
// Load ./auth for its side effects (presumably the Passport strategy
// registration; confirm in that module), then mount Passport.
require('./auth');
app.use(passport.initialize());
app.use(passport.session());

// Route table, registered in the listed order: [method, path, handler].
// NOTE(review): no CSRF middleware is mounted in this file, and /logout is a
// GET route; confirm that the handlers for the POST routes and for logout
// carry their own protection.
[
  ['get', '/login', site.loginForm],
  ['post', '/login', site.login],
  ['get', '/logout', site.logout],
  ['get', '/account', site.account],

  ['get', '/dialog/authorize', oauth2.authorization],
  ['post', '/dialog/authorize/decision', oauth2.decision],
  ['post', '/oauth/token', oauth2.token],

  ['get', '/api/userinfo', user.info],
  ['get', '/api/clientinfo', client.info],
  ['get', '/api/tokeninfo', token.info],

  ['get', '/status', diags.status]
].forEach(function (route) {
  app[route[0]](route[1], route[2]);
});

// Static assets are served last, after every application route.
var publicDir = path.join(__dirname, 'public');
app.use(express.static(publicDir));
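// Final error handler: answer with the error's HTTP status and a JSON body.
//
// Falls back to 500 when the error carries no `status`; previously
// res.status() was called with undefined for such errors. If a response has
// already started, the error is handed on to Express's default handler
// instead of attempting a second response.
//
// NOTE(review): res.json(err) serialises every enumerable property of the
// error object to the client; confirm that none of the error types raised
// here carry internal details.
app.use(function (err, req, res, next) {
  if (!err) {
    return next();
  }
  if (res.headersSent) {
    return next(err);
  }
  res.status(err.status || 500);
  res.json(err);
});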
// Start a plain HTTP listener on PORT from the environment, or on 3000.
// NOTE(review): TLS is not terminated here; the x-forwarded-proto check above
// suggests a proxy in front handles HTTPS. Confirm against the deployment.
var listenPort = process.env.PORT || '3000';
http.createServer(app).listen(listenPort);
console.log("OAuth 2.0 Authorization Server started on port " + listenPort);