| Server IP : 68.183.124.220 / Your IP : 216.73.217.137 Web Server : Apache/2.4.18 (Ubuntu) System : Linux Sandbox-A 4.4.0-210-generic #242-Ubuntu SMP Fri Apr 16 09:57:56 UTC 2021 x86_64 User : gavin ( 1000) PHP Version : 7.0.33-0ubuntu0.16.04.16 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/gavin/workspace/readjs/node_modules/lusca/lib/ |
Upload File : |
'use strict';
var crypto = require('crypto');
var LENGTH = 10;
function create(req, secretKey) {
var session = req.session;
if (session === undefined) {
throw new Error('lusca requires req.session to be available in order to maintain state');
}
var secret = session[secretKey];
// Save the secret for validation
if (!secret) {
session[secretKey] = crypto.pseudoRandomBytes(LENGTH).toString('base64');
secret = session[secretKey];
}
return {
secret: secret,
token: tokenize(salt(LENGTH), secret),
validate: function validate(req, token) {
if (typeof token !== 'string') {
return false;
}
return token === tokenize(token.slice(0, LENGTH), req.session[secretKey]);
}
};
}
function tokenize(salt, secret) {
return salt + crypto.createHash('sha1').update(salt + secret).digest('base64');
}
function salt(len) {
var str = '',
chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
for (var i = 0; i < len; i++) {
str += chars[Math.floor(Math.random() * chars.length)];
}
return str;
}
module.exports = {
create: create
};