summaryrefslogtreecommitdiff
path: root/src/node/hooks/express/webaccess.js
diff options
context:
space:
mode:
Diffstat (limited to 'src/node/hooks/express/webaccess.js')
-rw-r--r--src/node/hooks/express/webaccess.js14
1 files changed, 7 insertions, 7 deletions
diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js
index ffced047..41bf3880 100644
--- a/src/node/hooks/express/webaccess.js
+++ b/src/node/hooks/express/webaccess.js
@@ -56,10 +56,10 @@ exports.basicAuth = function (req, res, next) {
res.header('WWW-Authenticate', 'Basic realm="Protected Area"');
if (req.headers.authorization) {
setTimeout(function () {
- res.send('Authentication required', 401);
+ res.send(401, 'Authentication required');
}, 1000);
} else {
- res.send('Authentication required', 401);
+ res.send(401, 'Authentication required');
}
}));
}
@@ -88,14 +88,13 @@ exports.basicAuth = function (req, res, next) {
});
}
-var secret = null;
+exports.secret = null;
exports.expressConfigure = function (hook_name, args, cb) {
// If the log level specified in the config file is WARN or ERROR the application server never starts listening to requests as reported in issue #158.
// Not installing the log4js connect logger when the log level has a higher severity than INFO since it would not log at that level anyway.
if (!(settings.loglevel === "WARN" || settings.loglevel == "ERROR"))
args.app.use(log4js.connectLogger(httpLogger, { level: log4js.levels.INFO, format: ':status, :method :url'}));
- args.app.use(express.cookieParser());
/* Do not let express create the session, so that we can retain a
* reference to it for socket.io to use. Also, set the key (cookie
@@ -104,13 +103,14 @@ exports.expressConfigure = function (hook_name, args, cb) {
if (!exports.sessionStore) {
exports.sessionStore = new express.session.MemoryStore();
- secret = randomString(32);
+ exports.secret = randomString(32);
}
+
+ args.app.use(express.cookieParser(exports.secret));
args.app.sessionStore = exports.sessionStore;
args.app.use(express.session({store: args.app.sessionStore,
- key: 'express_sid',
- secret: secret}));
+ key: 'express_sid' }));
args.app.use(exports.basicAuth);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-17 20:51:19 +0000