Commit 072988772d158b90c7edb88638f89cb8997c746a
1 parent
c726d602
Session: secret généré auto
Showing
3 changed files
with
11 additions
and
6 deletions
Show diff stats
Makefile
| 1 | +all: config/ci_com_pub.pem config/session_secret | ||
| 2 | + | ||
| 1 | config/ci_com_pub.pem: config/ci_com.pem | 3 | config/ci_com_pub.pem: config/ci_com.pem |
| 2 | openssl rsa -pubout -in $< -out $@ | 4 | openssl rsa -pubout -in $< -out $@ |
| 3 | chmod 777 $@ | 5 | chmod 777 $@ |
| @@ -5,3 +7,6 @@ config/ci_com_pub.pem: config/ci_com.pem | @@ -5,3 +7,6 @@ config/ci_com_pub.pem: config/ci_com.pem | ||
| 5 | config/ci_com.pem: | 7 | config/ci_com.pem: |
| 6 | openssl genrsa -out $@ 1024 | 8 | openssl genrsa -out $@ 1024 |
| 7 | chmod 700 $@ | 9 | chmod 700 $@ |
| 10 | + | ||
| 11 | +config/session_secret: | ||
| 12 | + cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 > $@ |
app/routes/ApiRtes.js
| @@ -3,8 +3,10 @@ var PolyUserServ = require('../services/PolyUserServ'); | @@ -3,8 +3,10 @@ var PolyUserServ = require('../services/PolyUserServ'); | ||
| 3 | var DecryptServ = require('../services/DecryptServ'); | 3 | var DecryptServ = require('../services/DecryptServ'); |
| 4 | var ConvsServ = require('../services/ConvsServ'); | 4 | var ConvsServ = require('../services/ConvsServ'); |
| 5 | var MessServ = require('../services/MessServ'); | 5 | var MessServ = require('../services/MessServ'); |
| 6 | +var fs = require('fs'); | ||
| 6 | var express = require('express'); | 7 | var express = require('express'); |
| 7 | -session = require('express-session'); | 8 | +var session = require('express-session'); |
| 9 | +var MongoStore = require('connect-mongo')(session); | ||
| 8 | 10 | ||
| 9 | var api = express(); | 11 | var api = express(); |
| 10 | 12 | ||
| @@ -98,7 +100,9 @@ api.use(session({ | @@ -98,7 +100,9 @@ api.use(session({ | ||
| 98 | name: 'membreCool', | 100 | name: 'membreCool', |
| 99 | resave: false, | 101 | resave: false, |
| 100 | saveUninitialized: true, | 102 | saveUninitialized: true, |
| 101 | - secret: "Le Club Info c'est cool" // TODO Vrai secret https://gist.github.com/earthgecko/3089509 | 103 | + secret: fs.readFileSync('config/session_secret', { |
| 104 | + encoding: 'UTF8' | ||
| 105 | + }) | ||
| 102 | })); | 106 | })); |
| 103 | 107 | ||
| 104 | api.get('/session', function (req, res) { // Informations sur la session | 108 | api.get('/session', function (req, res) { // Informations sur la session |
server.js
| @@ -2,7 +2,6 @@ | @@ -2,7 +2,6 @@ | ||
| 2 | var express = require('express'); | 2 | var express = require('express'); |
| 3 | var mongoose = require('mongoose'); | 3 | var mongoose = require('mongoose'); |
| 4 | var bodyParser = require('body-parser'); | 4 | var bodyParser = require('body-parser'); |
| 5 | -var cookieParser = require('cookie-parser'); | ||
| 6 | 5 | ||
| 7 | // Application ================================================================ | 6 | // Application ================================================================ |
| 8 | 7 | ||
| @@ -20,9 +19,6 @@ app.use(bodyParser.urlencoded({ | @@ -20,9 +19,6 @@ app.use(bodyParser.urlencoded({ | ||
| 20 | extended: true | 19 | extended: true |
| 21 | })); | 20 | })); |
| 22 | 21 | ||
| 23 | -// Cookie-parser | ||
| 24 | -app.use(cookieParser()); | ||
| 25 | - | ||
| 26 | // Routes | 22 | // Routes |
| 27 | require('./app/routes')(app); | 23 | require('./app/routes')(app); |
| 28 | 24 |