Merge pull request TryGhost#5 from sebgie/cookies
Revert sessions to cookieSessions
ErisDS committed Oct 18, 2013
2 parents 0437e16 + 2ee8f96 commit e100ef4
Showing 2 changed files with 11 additions and 53 deletions.
11 changes: 3 additions & 8 deletions core/server.js
@@ -275,14 +275,9 @@ when(ghost.init()).then(function () {
// Session handling
// Pro tip: while in development mode cookieSession can be used
// to keep you logged in while restarting the server
server.use(express.cookieParser());
if (process.env.NODE_ENV === 'development'
&& ghost.config().hasOwnProperty('useCookieSession')
&& ghost.config().useCookieSession) {
server.use(express.cookieSession({ secret: ghost.dbHash, cookie: { maxAge: 60000000 }}));
} else {
server.use(express.session({ secret: ghost.dbHash, cookie: { maxAge: 60000000 }}));
}
server.use(express.cookieParser(ghost.dbHash));
server.use(express.cookieSession({ cookie : { maxAge: 12 * 60 * 60 * 1000 }}));


//enable express csrf protection
server.use(express.csrf());
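Review bot: The `express.cookieSession` line makes the cookie itself the whole session, signed with `ghost.dbHash` through `cookieParser`, and the only cookie option it sets is `maxAge`. `maxAge` is enforced by the browser; unless the middleware also embeds an expiry in the signed payload (worth checking), a copied cookie would still verify after the 12 hours have passed. Because the signing key is now the only thing standing between a client and a session with `user` set, it is worth confirming that `ghost.dbHash` is random, per-install and never exposed; how it is generated is not visible in this hunk. I would also set `secure: true` in the `cookie` options when the blog is served over HTTPS, and add a comment such as `// session lives entirely in a signed (not encrypted) cookie; nothing is stored server-side`.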
53 changes: 8 additions & 45 deletions core/server/controllers/admin.js
@@ -136,21 +136,9 @@ adminControllers = {
if (!denied) {
loginSecurity.push({ip: req.connection.remoteAddress, time: process.hrtime()[0]});
api.users.check({email: req.body.email, pw: req.body.password}).then(function (user) {
if (process.env.NODE_ENV === 'development'
&& ghost.config().hasOwnProperty('useCookieSession')
&& ghost.config().useCookieSession) {
req.session.user = user.id;
res.json(200, {redirect: req.body.redirect ? '/ghost/'
+ decodeURIComponent(req.body.redirect) : '/ghost/'});
} else {
req.session.regenerate(function (err) {
if (!err) {
req.session.user = user.id;
res.json(200, {redirect: req.body.redirect ? '/ghost/'
+ decodeURIComponent(req.body.redirect) : '/ghost/'});
}
});
}
req.session.user = user.id;
res.json(200, {redirect: req.body.redirect ? '/ghost/'
+ decodeURIComponent(req.body.redirect) : '/ghost/'});
}, function (error) {
res.json(401, {error: error.message});
});
@@ -190,23 +178,10 @@ adminControllers = {
password: password
}).then(function (user) {
api.settings.edit('email', email).then(function () {
if (process.env.NODE_ENV === 'development'
&& ghost.config().hasOwnProperty('useCookieSession')
&& ghost.config().useCookieSession) {
if (req.session.user === undefined) {
req.session.user = user.id;
}
res.json(200, {redirect: '/ghost/'});
} else {
req.session.regenerate(function (err) {
if (!err) {
if (req.session.user === undefined) {
req.session.user = user.id;
}
res.json(200, {redirect: '/ghost/'});
}
});
if (req.session.user === undefined) {
req.session.user = user.id;
}
res.json(200, {redirect: '/ghost/'});
});
}).otherwise(function (error) {
res.json(401, {error: error.message});
@@ -254,13 +229,7 @@ adminControllers = {
}).otherwise(errors.logAndThrowError);
},
'logout': function (req, res) {
if (process.env.NODE_ENV === 'development'
&& ghost.config().hasOwnProperty('useCookieSession')
&& ghost.config().useCookieSession) {
delete req.session.user;
} else {
req.session.destroy();
}
req.session = null;
var notification = {
type: 'success',
message: 'You were successfully signed out',
@@ -400,13 +369,7 @@ adminControllers = {
};

return api.notifications.add(notification).then(function () {
if (process.env.NODE_ENV === 'development'
&& ghost.config().hasOwnProperty('useCookieSession')
&& ghost.config().useCookieSession) {
delete req.session.user;
} else {
req.session.destroy();
}
req.session = null;
res.set({
"X-Cache-Invalidate": "/*"
});
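Review bot: Both sign-out paths (the `logout` handler and the later hunk that sets `X-Cache-Invalidate`) now only assign `req.session = null`, which tells the browser to drop the cookie but invalidates nothing on the server, whereas the removed `req.session.destroy()` deleted the stored session. As far as the visible configuration shows, a cookie copied before sign-out would keep verifying afterwards, so signing out no longer revokes access. If cookie sessions stay, consider recording an issue time at login, for example `req.session.issuedAt = Date.now();`, and rejecting sessions older than a per-user "valid after" timestamp that sign-out updates in the database. Separately, in the login hunk `decodeURIComponent(req.body.redirect)` can throw on malformed input inside the success callback, which the sibling error callback does not appear to handle. The enclosing handlers start and end outside these hunks.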