hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

some work on session login etc

Browse Source
v1.18.x
Julian Lam 12 years ago
parent dfd5c9960b
commit c1186f396e
7 changed files with 74 additions and 33 deletions
Show Stats Download Patch File Download Diff File

3
package.json
Unescape Escape View File

@ -13,7 +13,8 @@
"redis": "0.8.3", "redis": "0.8.3",
"express": "3.2.0", "express": "3.2.0",
"connect": "2.7.6", "connect": "2.7.6",
"emailjs": "0.3.4" "emailjs": "0.3.4",
"cookie": "0.0.6"
}, },
"devDependencies": {}, "devDependencies": {},
"optionalDependencies": {}, "optionalDependencies": {},

4
public/src/app.js
Unescape Escape View File

@ -10,8 +10,8 @@ var socket,
config = data; config = data;
socket = io.connect('http://' + config.socket.address + config.socket.port? ':' + config.socket.port : ''); socket = io.connect('http://' + config.socket.address + config.socket.port? ':' + config.socket.port : '');
socket.on('event:connect', function(data) { socket.on('connect', function(data) {
console.log('connected to socket.io: ', data);
}); });
socket.on('event:alert', function(data) { socket.on('event:alert', function(data) {

7
src/redis.js
Unescape Escape View File

@ -22,8 +22,9 @@
} }
} }
RedisDB.set = function(key, value) { RedisDB.set = function(key, value, expiry) {
db.set(key, value); db.set(key, value);
if (expiry !== undefined) RedisDB.expire(key, expiry);
}; };
RedisDB.get = function(key, callback, error_handler) { RedisDB.get = function(key, callback, error_handler) {
@ -36,6 +37,10 @@
db.del(key); db.del(key);
} }
RedisDB.expire = function(key, expiry) {
db.expire(key, expiry);
}
// Atomic Operations // Atomic Operations
RedisDB.incr = function(key, callback, error_handler) { RedisDB.incr = function(key, callback, error_handler) {
db.incr(key, function(error, data) { db.incr(key, function(error, data) {

6
src/templates.js
Unescape Escape View File

@ -24,7 +24,11 @@ var fs = require('fs');
} }
Templates.init = function() { Templates.init = function() {
loadTemplates(['header', 'footer', 'register', 'home', 'login', 'reset', 'reset_code', 'emails/reset', 'emails/reset_plaintext']); loadTemplates([
'header', 'footer', 'register', 'home',
'login', 'reset', 'reset_code', 'account_settings',
'emails/reset', 'emails/reset_plaintext'
]);
} }
var parse = function(data) { var parse = function(data) {

24
src/user.js
Unescape Escape View File

@ -5,44 +5,38 @@ var config = require('../config.js'),
emailjsServer = emailjs.server.connect(config.mailer); emailjsServer = emailjs.server.connect(config.mailer);
(function(User) { (function(User) {
var current_uid;
User.login = function(user) { User.login = function(user) {
if (current_uid) {
return global.socket.emit('user.login', {'status': 0, 'message': 'User is already logged in.'});
}
if (user.username == null || user.password == null) { if (user.username == null || user.password == null) {
return global.socket.emit('user.login', {'status': 0, 'message': 'Missing fields'}); return global.socket.emit('user.login', {'status': 0, 'message': 'Missing fields'});
} }
RDB.get('username:' + user.username + ':uid', function(uid) { RDB.get('username:' + user.username + ':uid', function(uid) {
if (uid == null) { if (uid == null) {
return global.socket.emit('user.login', {'status': 0, 'message': 'Username does not exist.'}); return global.socket.emit('user.login', {'status': 0, 'message': 'Username does not exist.'});
} }
RDB.get('uid:' + uid + ':password', function(password) { RDB.get('uid:' + uid + ':password', function(password) {
if (user.password != password) { if (user.password != password) {
return global.socket.emit('user.login', {'status': 0, 'message': 'Incorrect username / password combination.'}); return global.socket.emit('user.login', {'status': 0, 'message': 'Incorrect username / password combination.'});
} else { } else {
return global.socket.emit('user.login', {'status': 1, 'message': 'Logged in!'}); // Start, replace, or extend a session
RDB.get('uid:' + uid + ':session', function(session) {
if (session !== user.sessionID) {
RDB.set('uid:' + uid + ':session', user.sessionID, 60*60*24*14); // Login valid for two weeks
} else {
RDB.expire('uid:' + uid + ':session', 60*60*24*14); // Defer expiration to two weeks from now
} }
}); });
return global.socket.emit('user.login', {'status': 1, 'message': 'Logged in!'});
}
});
}); });
}; };
User.create = function(username, password, email) { User.create = function(username, password, email) {
if (current_uid) {
return; global.socket.emit('user.create', {'status': 0, 'message': 'Only anonymous users can register a new account.'});
}
if (username == null || password == null) { if (username == null || password == null) {
return; global.socket.emit('user.create', {'status': 0, 'message': 'Missing fields'}); return; global.socket.emit('user.create', {'status': 0, 'message': 'Missing fields'});
} }

34
src/webserver.js
Unescape Escape View File

@ -14,6 +14,25 @@ var express = require('express'),
modules.templates.init(); modules.templates.init();
} }
} }
function checkAuth(req, res, next) {
if (!req.session || !req.session.uid) {
res.send(403, 'You are not authorized to view this page');
} else {
next();
}
}
// Middlewares
app.use(express.favicon()); // 2 args: string path and object options (i.e. expire time etc)
app.use(express.bodyParser()); // Puts POST vars in request.body
app.use(express.cookieParser()); // If you want to parse cookies (res.cookies)
app.use(express.session({secret: 'nodebb-julian', key: 'express.sid'}));
// Dunno wtf this does
// app.use(express.logger({ format: '\x1b[1m:method\x1b[0m \x1b[33m:url\x1b[0m :response-time ms' }));
// Useful if you want to use app.put and app.delete (instead of app.post all the time)
// app.use(express.methodOverride());
app.get('/', function(req, res) { app.get('/', function(req, res) {
refreshTemplates(); refreshTemplates();
res.send(templates['header'] + templates['home'] + templates['footer']); res.send(templates['header'] + templates['home'] + templates['footer']);
@ -39,22 +58,17 @@ var express = require('express'),
res.send(templates['header'] + templates['register'] + templates['footer']); res.send(templates['header'] + templates['register'] + templates['footer']);
}); });
app.get('/account', checkAuth, function(req, res) {
refreshTemplates();
res.send(templates['header'] + templates['account_settings'] + templates['footer']);
});
module.exports.init = function() { module.exports.init = function() {
// todo move some of this stuff into config.json // todo move some of this stuff into config.json
app.configure(function() { app.configure(function() {
app.use(express.favicon()); // 2 args: string path and object options (i.e. expire time etc)
app.use(express.bodyParser()); // Puts POST vars in request.body
app.use(express.cookieParser()); // Presumably important
// Dunno wtf this does
// app.use(express.logger({ format: '\x1b[1m:method\x1b[0m \x1b[33m:url\x1b[0m :response-time ms' }));
// Useful if you want to use app.put and app.delete (instead of app.post all the time)
// app.use(express.methodOverride());
app.use(express.static(global.configuration.ROOT_DIRECTORY + '/public')); app.use(express.static(global.configuration.ROOT_DIRECTORY + '/public'));
}); });
} }
}(WebServer)); }(WebServer));
server.listen(config.port); server.listen(config.port);

29
src/websockets.js
Unescape Escape View File

@ -1,13 +1,34 @@
var SocketIO = require('socket.io').listen(global.server); var SocketIO = require('socket.io').listen(global.server),
cookie = require('cookie'),
connect = require('connect');
(function(io) { (function(io) {
var modules = null; var modules = null,
sessionID;
global.io = io; global.io = io;
module.exports.init = function() { module.exports.init = function() {
modules = global.modules; modules = global.modules;
} }
// Adapted from http://howtonode.org/socket-io-auth
io.set('authorization', function(handshakeData, accept) {
if (handshakeData.headers.cookie) {
handshakeData.cookie = cookie.parse(handshakeData.headers.cookie);
handshakeData.sessionID = connect.utils.parseSignedCookie(handshakeData.cookie['express.sid'], 'nodebb-julian');
if (handshakeData.cookie['express.sid'] == handshakeData.sessionID) {
return accept('Cookie is invalid.', false);
}
} else {
// No cookie sent
return accept('No cookie transmitted', false);
}
// Otherwise, continue unimpeded.
sessionID = handshakeData.sessionID;
accept(null, true);
});
io.sockets.on('connection', function(socket) { io.sockets.on('connection', function(socket) {
global.socket = socket; global.socket = socket;
@ -17,7 +38,8 @@ var SocketIO = require('socket.io').listen(global.server);
modules.templates.init(); modules.templates.init();
} }
socket.emit('event:connect', {status: 1}); // not required, "connect" emitted automatically
// socket.emit('event:connect', {status: 1});
// BEGIN: API calls (todo: organize) // BEGIN: API calls (todo: organize)
// julian: :^) // julian: :^)
@ -38,6 +60,7 @@ var SocketIO = require('socket.io').listen(global.server);
}); });
socket.on('user.login', function(data) { socket.on('user.login', function(data) {
data.sessionID = sessionID;
modules.user.login(data); modules.user.login(data);
}); });

Write Preview
Loading…
Cancel
Save