Fix
This commit is contained in:
calzoneman
parent
6ab609db71
commit
a0b7bff70c
|
|
@ -7,11 +7,16 @@ var createError = require("http-errors");
|
||||||
|
|
||||||
var tokens = csrf();
|
var tokens = csrf();
|
||||||
|
|
||||||
exports.init = function csrfInit(req, res, next) {
|
exports.init = function csrfInit (domain) {
|
||||||
|
return function (req, res, next) {
|
||||||
var secret = req.signedCookies._csrf;
|
var secret = req.signedCookies._csrf;
|
||||||
if (!secret) {
|
if (!secret) {
|
||||||
secret = tokens.secretSync();
|
secret = tokens.secretSync();
|
||||||
res.cookie("_csrf", secret, { signed: true, httpOnly: true });
|
res.cookie("_csrf", secret, {
|
||||||
|
domain: domain,
|
||||||
|
signed: true,
|
||||||
|
httpOnly: true
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
var token;
|
var token;
|
||||||
|
|
@ -26,6 +31,7 @@ exports.init = function csrfInit(req, res, next) {
|
||||||
};
|
};
|
||||||
|
|
||||||
next();
|
next();
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
exports.verify = function csrfVerify(req) {
|
exports.verify = function csrfVerify(req) {
|
||||||
|
|
|
||||||
|
|
@ -191,7 +191,7 @@ module.exports = {
|
||||||
Logger.errlog.log("YOU SHOULD CHANGE THE VALUE OF cookie-secret IN config.yaml");
|
Logger.errlog.log("YOU SHOULD CHANGE THE VALUE OF cookie-secret IN config.yaml");
|
||||||
}
|
}
|
||||||
app.use(cookieParser(Config.get("http.cookie-secret")));
|
app.use(cookieParser(Config.get("http.cookie-secret")));
|
||||||
app.use(csrf.init);
|
app.use(csrf.init(Config.get("http.root-domain-dotted")));
|
||||||
app.use(morgan(LOG_FORMAT, {
|
app.use(morgan(LOG_FORMAT, {
|
||||||
stream: require("fs").createWriteStream(path.join(__dirname, "..", "..",
|
stream: require("fs").createWriteStream(path.join(__dirname, "..", "..",
|
||||||
"http.log"), {
|
"http.log"), {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue