/**
 * Resolve the logged-in user for a socket from its signed session cookie.
 *
 * Visible flow: when the handshake carries a Cookie header and no
 * `socket.request._query.user` is present, the `connect.sid` value is
 * extracted, verified with `cookieParser.signedCookie` and looked up in
 * `that.settings.store`. `callback(null, user)` receives `obj.passport.user`;
 * `callback('unknown user')` is used when the stored session has no user.
 *
 * NOTE(review): this listing is cut off before the function ends, so the
 * branches taken when no cookie or no session id is found are not visible.
 *
 * @param {object} socket - socket whose handshake headers are read
 * @param {function} callback - invoked as callback(err, user)
 */
function getUserFromSocket(socket, callback) {
let wait = false;
try {
if (socket.handshake.headers.cookie && (!socket.request || !socket.request._query || !socket.request._query.user)) {
// decodeURIComponent throws URIError on malformed percent-encoding; the
// handler of the surrounding try is outside this excerpt.
const cookie = decodeURIComponent(socket.handshake.headers.cookie);
// NOTE(review): the pattern is unanchored, so it also matches a cookie whose
// name merely ends in "connect.sid". The capture is greedy and is cut at the
// first ';' below.
const m = cookie.match(/connect\.sid=(.+)/);
if (m) {
// If session cookie exists
const c = m[1].split(';')[0];
// NOTE(review): cookie-parser's signedCookie returns false for a bad
// signature but returns a value without the "s:" prefix unchanged. The
// truthiness test below therefore also accepts an unsigned cookie value as a
// session id; consider rejecting a result that equals the input `c`.
const sessionID = cookieParser.signedCookie(c, that.settings.secret);
if (sessionID) {
// Get user for session
wait = true;
// `err` is not inspected here: a store error with no `obj` ends up in the
// 'unknown user' branch.
that.settings.store.get(sessionID, function (err, obj) {
if (obj && obj.passport && obj.passport.user) {
// Remember which session this socket was authenticated with.
socket._sessionID = sessionID;
if (typeof callback === 'function') {
callback(null, obj.passport.user);
} else {
that.adapter.log.warn('[getUserFromSocket] Invalid callback')
}
} else {
if (typeof callback === 'function') {
callback('unknown user');
} else {
that.adapter.log.warn('[getUserFromSocket] Invalid callback')
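/**
 * Verify the signed `connect.sid` cookie of a socket request and, on success,
 * store the unsigned session id on `socket.sessionId`.
 *
 * The original returned true whenever parsing did not throw, including when
 * signature verification failed (signedCookie returned false) or no session
 * cookie was present. This version returns true only for a verified value.
 *
 * @param {object} socket - socket whose `request.headers.cookie` is read
 * @param {string} secret - secret the session cookie was signed with
 * @returns {boolean} true when a validly signed session cookie was found
 */
var processSession = function(socket, secret) {
  var warning = 'Warning: connect.sid session cookie not detected. User may have cookies disabled or session cookie has expired';
  try {
    var cookie_obj = qs.parse(socket.request.headers.cookie, ';');
    // The key can carry one leading space because the Cookie header separates
    // pairs with "; " while the parser splits on ";" only.
    var raw = cookie_obj['connect.sid'] ? cookie_obj['connect.sid'] : cookie_obj[' connect.sid'];
    var sessionId = cookieParser.signedCookie(raw, secret);
    // cookie-parser returns false for a bad signature, undefined for a
    // non-string input, and the input itself when it lacks the "s:" prefix.
    // Only a string that differs from the raw value has been verified.
    if (typeof sessionId !== 'string' || sessionId === '' || sessionId === raw) {
      log.warn(warning);
      return false;
    }
    socket.sessionId = sessionId;
    return true;
  }
  catch (e) {
    // Reached when socket.request or its headers are missing.
    log.warn(warning);
    return false;
  }
};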
// Excerpt from the body of a cookie-backed session middleware; it starts and
// ends mid-function. `options`, `key`, `secret`, `next` and `debug` come from
// the enclosing scope, which is not shown.

// Start with an empty session and attach a Cookie built from the options.
req.session = {};
var cookie = req.session.cookie = new Cookie(options.cookie);
// pathname mismatch
var originalPath = parseUrl.original(req).pathname;
// Skip session handling when the request path does not start with cookie.path.
if (0 != originalPath.indexOf(cookie.path)) return next();
// cookieParser secret
if (!options.secret && req.secret) {
// No secret option here but req.secret is set: take the session from
// req.signedCookies[key] (presumably filled in by an earlier cookie-parsing
// middleware; confirm).
req.session = req.signedCookies[key] || {};
req.session.cookie = cookie;
} else {
// TODO: refactor
var rawCookie = req.cookies[key];
if (rawCookie) {
// NOTE(review): the session contents come from the cookie itself, so
// integrity rests entirely on this signature check. cookie-parser's
// signedCookie returns a value without the "s:" prefix unchanged, in which
// case an unsigned value would reach JSONCookie below; verify that the
// signedCookie used here rejects unsigned input, or compare the result with
// rawCookie.
var unsigned = cookieParser.signedCookie(rawCookie, secret);
if (unsigned) {
// Kept under a second name; its later use is outside this excerpt.
var original = unsigned;
req.session = cookieParser.JSONCookie(unsigned) || {};
req.session.cookie = cookie;
}
}
}
// Runs when the response headers are about to be written.
onHeaders(res, function(){
// removed
if (!req.session) {
debug('clear session');
// Expire the cookie: epoch expiry date and an empty value.
cookie.expires = new Date(0);
res.setHeader('Set-Cookie', cookie.serialize(key, ''));
return;
}
// Excerpt from the body of a cookie-backed session middleware; it starts and
// ends mid-function. `options`, `key`, `secret`, `next` and `debug` come from
// the enclosing scope, which is not shown.

// Start with an empty session and attach a Cookie built from the options.
req.session = {};
var cookie = req.session.cookie = new Cookie(options.cookie);
// pathname mismatch
var originalPath = parseUrl.original(req).pathname;
// Skip session handling when the request path does not start with cookie.path.
if (0 != originalPath.indexOf(cookie.path)) return next();
// cookieParser secret
if (!options.secret && req.secret) {
// No secret option here but req.secret is set: take the session from
// req.signedCookies[key] (presumably filled in by an earlier cookie-parsing
// middleware; confirm).
req.session = req.signedCookies[key] || {};
req.session.cookie = cookie;
} else {
// TODO: refactor
var rawCookie = req.cookies[key];
if (rawCookie) {
// NOTE(review): the session contents come from the cookie itself, so
// integrity rests entirely on this signature check. cookie-parser's
// signedCookie returns a value without the "s:" prefix unchanged, in which
// case an unsigned value would reach JSONCookie below; verify that the
// signedCookie used here rejects unsigned input, or compare the result with
// rawCookie.
var unsigned = cookieParser.signedCookie(rawCookie, secret);
if (unsigned) {
// Kept under a second name; its later use is outside this excerpt.
var original = unsigned;
req.session = cookieParser.JSONCookie(unsigned) || {};
req.session.cookie = cookie;
}
}
}
// Runs when the response headers are about to be written.
onHeaders(res, function () {
// removed
if (!req.session) {
debug('clear session');
// Expire the cookie: epoch expiry date and an empty value.
cookie.expires = new Date(0);
res.setHeader('Set-Cookie', cookie.serialize(key, ''));
return;
}
// Excerpt: tail of a function that derives `sessionId` from socket handshake
// data. The function header and the declaration of `sessionId` are outside
// this listing. Three sources are tried in order; the first that matches wins.
if (handshakeData) {
// The comparisons with the string 'undefined' reject a query parameter whose
// value is literally the text "undefined".
if (handshakeData.query &&
handshakeData.query.webGMESessionId &&
handshakeData.query.webGMESessionId !== 'undefined') {
// TODO: Isn't this branch deprecated?
// NOTE(review): this value is taken from the query string as-is, with no
// signature check, unlike the two branches below. If the branch is still
// reachable, any caller-supplied id is accepted as the session id.
sessionId = handshakeData.query.webGMESessionId;
} else if (handshakeData.query &&
handshakeData.query[gmeConfig.server.sessionCookieId] &&
handshakeData.query[gmeConfig.server.sessionCookieId] !== 'undefined') {
// Signed cookie value passed as a query parameter named after the cookie.
// NOTE(review): if COOKIE is cookie-parser, signedCookie yields false for a
// bad signature and returns a value without the "s:" prefix unchanged;
// confirm that callers treat both as "no session".
sessionId = COOKIE.signedCookie(handshakeData.query[gmeConfig.server.sessionCookieId],
gmeConfig.server.sessionCookieSecret);
} else if (gmeConfig.server.sessionCookieId &&
gmeConfig.server.sessionCookieSecret &&
handshakeData.headers && handshakeData.headers.cookie) {
//we try to dig it from the signed cookie
sessionId = COOKIE.signedCookie(
URL.parseCookie(handshakeData.headers.cookie)[gmeConfig.server.sessionCookieId],
gmeConfig.server.sessionCookieSecret);
}
}
return sessionId;
}
// Connection handler (the listing is cut off inside the findOne callback):
// reads the signed session cookie, joins the socket to its room and loads the
// logged-in user's record.
io.on('connection', (socket) => {
// NOTE(review): the `cookie` package's parse() expects a string and throws on
// a missing Cookie header; this call sits outside the try block below.
const cookieData = cookie.parse(socket.handshake.headers.cookie);
// NOTE(review): the signing secret is a literal in source; anyone who can read
// the code can forge a validly signed cookie. Load it from configuration.
const sessionId = cookieParser.signedCookie(cookieData['key'], 'whocarewhatisthepass');
const sessionDir = '../../sessions/'
const sessionExtension = '.json'
const currentRoomName = chatMethod.getCurrentRoomID(socket)
let loginedUserName = ''
let loginedUserImg = ''
socket.join(currentRoomName) // join the room
try {
// look up the user name saved in the session
// NOTE(review): sessionId comes from a client cookie and is concatenated into
// a require() path. cookie-parser's signedCookie returns false for a bad
// signature (giving ".../false.json") and returns a value without the "s:"
// prefix unchanged, so the path can be client-influenced. Validate the id
// (string, different from the raw cookie, expected character set) and read the
// file as data (fs + JSON.parse) instead of require(), which also caches the
// first result.
const sessionFile = require(sessionDir + sessionId + sessionExtension)
loginedUserName = sessionFile.loginUser
// use the user name from the session to query the user's record in the database
info.findOne({user: loginedUserName}, (err, val) => {
// print the error if there is one
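// 'start' event: read the signed session and folder cookies from the socket
// request, load the session and launch deploy() with the session's token and
// owner.
socket.on('start', function(msg) {
  console.log(msg);
  socket.abortDeploy = false;

  // Declared locally: the original assigned undeclared variables, so a second
  // 'start' event (from any socket) could overwrite `folder` before the
  // asynchronous session lookup of the first one completed.
  // The `|| ''` keeps cookie.parse from throwing when no Cookie header is sent.
  var parsedCookie = cookie.parse(socket.request.headers.cookie || '');
  var rawSid = parsedCookie['connect.sid'];
  var rawFolder = parsedCookie.folder;
  var sid = cookieParser.signedCookie(rawSid, sessionSecret);
  var folder = cookieParser.signedCookie(rawFolder, sessionSecret);

  // cookie-parser returns false for a bad signature, undefined for a missing
  // cookie, and the input itself when it lacks the "s:" prefix. Only a string
  // that differs from the raw cookie has actually been verified.
  if (typeof sid !== 'string' || sid === rawSid ||
      typeof folder !== 'string' || folder === rawFolder) {
    console.log('missing or invalid signed cookie');
    return;
  }

  sessionStore.get(sid, function(err, currSession) {
    if (err) {
      console.log('error while getting session information');
      console.log(err);
      // Do not fall through: currSession is not usable after a store error.
      return;
    }
    if (!currSession) {
      // Unknown or expired session id.
      console.log('error while getting session information');
      return;
    }
    deploy(currSession.token, folder, currSession.owner, socket, function() {
      console.log('Deploy Process Finished');
    });
  });
});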
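/**
 * Extract the verified session id from a request's `connect.sid` cookie.
 *
 * @param {object} request - request whose `headers.cookie` is read
 * @returns {string|null} the unsigned session id, or null when the cookie is
 *   missing, unsigned, or fails signature verification
 */
module.exports.getSessionId = function(request) {
  const header = request.headers.cookie;
  if (!header) {
    return null;
  }

  const raw = _cookie.parse(header)['connect.sid'];
  const secret = _settings.get('http.session.secret');
  const sessionId = _parser.signedCookie(raw, secret);

  // cookie-parser's signedCookie returns false for a bad signature, undefined
  // for a missing cookie, and the input itself when it lacks the "s:" prefix.
  // Returning that last case would hand an unverified client value to callers
  // as if it were a checked session id.
  if (typeof sessionId !== 'string' || sessionId === raw) {
    return null;
  }
  return sessionId;
};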
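/**
 * Extract the verified session id from the request's session cookie.
 *
 * The cookie name comes from the `http.session.name` setting and falls back
 * to `connect.sid`.
 *
 * @param {object} request - request whose `headers.cookie` is read
 * @returns {string|null} the unsigned session id, or null when the cookie is
 *   missing, unsigned, or fails signature verification
 */
getSessionId(request) {
  const header = request.headers.cookie;
  if (!header) {
    return null;
  }

  const secret = Settings.get('http.session.secret');
  const key = Settings.get('http.session.name') || 'connect.sid';
  const raw = cookie.parse(header)[key];
  const sessionId = parser.signedCookie(raw, secret);

  // cookie-parser's signedCookie returns false for a bad signature, undefined
  // for a missing cookie, and the input itself when it lacks the "s:" prefix.
  // Only a string that differs from the raw cookie has been verified.
  if (typeof sessionId !== 'string' || sessionId === raw) {
    return null;
  }
  return sessionId;
}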
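// Handshake authorization: accept the connection only when the signed session
// cookie verifies and the stored session is marked authenticated.
this.app.get('io').set('authorization', (handshakeData, accept) => {
  const header = handshakeData.headers.cookie;
  if (!header) {
    return accept(null, false);
  }

  const raw = cookie.parse(header)[this.sessionKey];
  const sessionId = cookieParser.signedCookie(raw, this.secretKey);
  // cookie-parser returns false for a bad signature, undefined for a missing
  // cookie, and the input itself when it lacks the "s:" prefix; none of those
  // is a verified session id, so skip the store lookup.
  if (typeof sessionId !== 'string' || sessionId === raw) {
    return accept(null, false);
  }

  this.sessionStore.get(sessionId, (err, s) => {
    // Always answer the handshake. The original called accept() only on
    // success, leaving the connection attempt pending on a store error or an
    // unauthenticated session.
    accept(null, Boolean(!err && s && s.authenticated));
  });
});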
}