Last active
June 6, 2016 06:02
-
-
Save dulao5/e775a20d657828f1bf69 to your computer and use it in GitHub Desktop.
Sails.js(Node.js)でSessionを無駄にしないように使い方 ref: http://qiita.com/dulao5/items/c0b6e2a7ea16e1d9116c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -v http://127.0.0.1:1337/login > /dev/null | |
| > GET /login HTTP/1.1 | |
| ... | |
| < HTTP/1.1 200 OK | |
| < X-Powered-By: Sails <sailsjs.org> | |
| ... | |
| < Set-Cookie: sails.sid=s%3AvX4jELukbYhzct43etS21uRU.apwQfFIzp1bpAgvTYaIfx%2FaheTw%2B0DoLKQV52a98uEg; Path=/; HttpOnly | |
| ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > GET /api/item/ranking HTTP/1.1 | |
| ... | |
| < HTTP/1.1 200 OK | |
| ... | |
| < Set-Cookie: sails.sid=s%3ADw8BML5vRNwDSN8L_t2Lw40V.DOhHMvk6Z5FqkbJPjzgZesI9rtBKPBaimP0EVjB3lWU; Path=/; HttpOnly | |
| ... | |
| > GET /api/user/profile/@me?access_token=myaccesstokenkeyxxxxxx HTTP/1.1 | |
| ... | |
| < HTTP/1.1 200 OK | |
| ... | |
| < Set-Cookie: sails.sid=s%3ALOS8QewE8uX0tx6loLOp-vkn.zp9wsMOEBVicrenyVwnd2%2BkMCQ8c1b%2Fze%2BeVPISoNzM; Path=/; HttpOnly | |
| ... | |
| > GET /api/item/ranking HTTP/1.1 | |
| ... | |
| < HTTP/1.1 200 OK | |
| ... | |
| < Set-Cookie: sails.sid=s%3ANcNHD5g6Mig7s5VGU_wMHQzO.WJEoCBLE0BcYQaVRTH%2B3UDp6Zhz5vnK9%2BtRbH7xcOMA; Path=/; HttpOnly | |
| ... | |
| > GET /api/user/profile/@me?access_token=myaccesstokenkeyxxxxxx HTTP/1.1 | |
| ... | |
| < HTTP/1.1 200 OK | |
| ... | |
| < Set-Cookie: sails.sid=s%3AMroUSUAJSSuDWkpdHBNPcael.jCTQcdVjCZ%2Ff60qJat4tOTJFpNPuhcsp3TcK256XXUw; Path=/; HttpOnly | |
| ... | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| node_modules/sails/node_modules/express/node_modules/connect/lib/middleware/session.js:246 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // set-cookie | |
| res.on('header', function(){ | |
| if (!req.session) return; | |
| var cookie = req.session.cookie | |
| , proto = (req.headers['x-forwarded-proto'] || '').split(',')[0].toLowerCase().trim() | |
| , tls = req.connection.encrypted || (trustProxy && 'https' == proto) | |
| , isNew = unsignedCookie != req.sessionID; | |
| // only send secure cookies via https | |
| if (cookie.secure && !tls) return debug('not secured'); | |
| // long expires, handle expiry server-side | |
| if (!isNew && cookie.hasLongExpires) return debug('already set cookie'); | |
| // browser-session length cookie | |
| if (null == cookie.expires) { | |
| if (!isNew) return debug('already set browser-session cookie'); | |
| // compare hashes and ids | |
| } else if (originalHash == hash(req.session) && originalId == req.session.id) { | |
| return debug('unmodified session'); | |
| } | |
| var val = 's:' + signature.sign(req.sessionID, secret); | |
| val = cookie.serialize(key, val); | |
| debug('set-cookie %s', val); | |
| res.setHeader('Set-Cookie', val); | |
| }); | |
| // proxy end() to commit the session | |
| var end = res.end; | |
| res.end = function(data, encoding){ | |
| res.end = end; | |
| if (!req.session) return res.end(data, encoding); | |
| debug('saving'); | |
| req.session.resetMaxAge(); | |
| req.session.save(function(err){ | |
| if (err) console.error(err.stack); | |
| debug('saved'); | |
| res.end(data, encoding); | |
| }); | |
| }; | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function doNotCreateNewSession(pathPrefixArr) { | |
| return function(req, res, next) { | |
| if (isNewSession(req) && matchPathPrefixArr(req, pathPrefixArr)) { | |
| // proxy end() to commit the session | |
| var end = res.end; | |
| res.end = function(data, encoding) { | |
| res.end = end; | |
| if (!req.session) { | |
| return res.end(data, encoding); | |
| } | |
| sails.log.debug("res.end proxy: destory new session: " + | |
| req.sessionID); | |
| req.session.destroy(); | |
| req.session = null; | |
| res.end(data, encoding); | |
| }; | |
| } | |
| next(); | |
| } | |
| function matchPathPrefixArr(req, pathPrefixArr) { | |
| return pathPrefixArr.some(function(pathPrefix) { | |
| return (0 == req.originalUrl.indexOf(pathPrefix)) | |
| }) | |
| } | |
| function isNewSession(req) { | |
| return req.sessionID != getSessionIdByCookie(req) | |
| } | |
| function getSessionIdByCookie(req) { | |
| var secret = sails.config.session.secret, | |
| key = 'sails.sid'; | |
| // grab the session cookie value and check the signature | |
| var rawCookie = req.cookies[key]; | |
| // get signedCookies for backwards compat with signed cookies | |
| var unsignedCookie = req.signedCookies[key]; | |
| if (!unsignedCookie && rawCookie) { | |
| unsignedCookie = utils.parseSignedCookie(rawCookie, secret); | |
| } | |
| return unsignedCookie; | |
| } | |
| } | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| app.use(doNotCreateNewSession([ | |
| '/api', | |
| ])); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // config/foo.jsで | |
| /* | |
| * express http customMiddleware | |
| */ | |
| module.exports = { | |
| http: { | |
| customMiddleware: function(app) { | |
| //... | |
| app.use(doNotCreateNewSession([ | |
| '/api', | |
| ])); | |
| //.... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 新しいSessionを作成する | |
| ➜ curl -v http://127.0.0.1:1337/ 2>&1 |grep Set-Cookie | |
| < Set-Cookie: sails.sid=s%3AQIUUfdKRxecI7Hz8ejamoQLW.9SxuJuuiltb%2BG4hz8Ks%2FNk6%2FiQ%2BubA5n0zydjTW54P8; Path=/; HttpOnly | |
| # 新しいSessionを作成すべきではない | |
| ➜ curl -v http://127.0.0.1:1337/api/ 2>&1 |grep Set-Cookie | |
| # req.sessionを利用する | |
| ➜ curl -v http://127.0.0.1:1337/api/ -H "Cookie: sails.sid=s%3AQIUUfdKRxecI7Hz8ejamoQLW.9SxuJuuiltb%2BG4hz8Ks%2FNk6%2FiQ%2BubA5n0zydjTW54P8" 2>&1 |grep Set-Cookie | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| session({doNotCreateIn:["/api", "/restful"]}) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment