mirror of
https://github.com/thinkjs/thinkjs.git
synced 2026-01-25 14:42:47 +00:00
74 lines
2.1 KiB
JavaScript
74 lines
2.1 KiB
JavaScript
var crypto = require('crypto');
|
||
|
||
var uid = function(length){
|
||
var ratio = Math.log(64) / Math.log(256);
|
||
var numbytes = Math.ceil(length * ratio);
|
||
var str = crypto.randomBytes(numbytes).toString('base64').slice(0, length);
|
||
return str.replace(/\+/g, '_').replace(/\//g, '-');
|
||
};
|
||
var cookie_sign = function(val, secret){
|
||
secret = crypto.createHmac('sha256', secret).update(val).digest('base64');
|
||
secret = secret.replace(/\=+$/, '');
|
||
return val + '.' + secret;
|
||
};
|
||
var cookie_unsign = function(val, secret){
|
||
var str = val.slice(0, val.lastIndexOf('.'));
|
||
return cookie_sign(str, secret) === val ? str : false;
|
||
}
|
||
|
||
module.exports = Class(function(){
|
||
return {
|
||
key: "",
|
||
cookie: null,
|
||
init: function(http){
|
||
this.http = http;
|
||
//session_cookie是未签名的cookie
|
||
this.cookie = this.http.session_cookie;
|
||
},
|
||
get: function(name){
|
||
var deferrd = when.defer();
|
||
process.nextTick(function(){
|
||
deferrd.resolve("");
|
||
})
|
||
return deferrd.promise;
|
||
},
|
||
set: function(name, value){
|
||
return true;
|
||
}
|
||
}
|
||
});
|
||
|
||
//解析cookie
|
||
module.exports.start = function(http){
|
||
if (http.session_cookie) {
|
||
return http.session_cookie;
|
||
};
|
||
var name = C('session_id');
|
||
//是否使用签名
|
||
var secret = C('session_cookie_sign');
|
||
var cookie = http.cookie[name];
|
||
if (cookie && secret) {
|
||
cookie = cookie_unsign(cookie, secret);
|
||
};
|
||
var session_cookie = cookie;
|
||
if (!cookie) {
|
||
cookie = uid(32);
|
||
session_cookie = cookie;
|
||
if (secret) {
|
||
cookie = cookie_sign(cookie, secret);
|
||
};
|
||
http.setCookie(name, cookie, C('session_options'));
|
||
}
|
||
//将cookie值放到http对象上,方便后续获取
|
||
http.session_cookie = session_cookie;
|
||
|
||
var name = C('session_type') + "Session";
|
||
var cls = think_require(name)(http);
|
||
//session类
|
||
http.session = cls;
|
||
|
||
return cookie;
|
||
};
|
||
|
||
module.exports.cookie_sign = cookie_sign;
|
||
module.exports.cookie_unsign = cookie_unsign; |