Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@flowfuse/nr-launcher

Package Overview
Dependencies
Maintainers
3
Versions
214
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@flowfuse/nr-launcher - npm Package Compare versions

Comparing version 2.1.1-9177509-202402210914.0 to 2.1.1-e48f900-202402271756.0

24

lib/auth/httpAuthMiddleware.js

@@ -0,1 +1,4 @@

const crypto = require('crypto')
const session = require('express-session')
const MemoryStore = require('memorystore')(session)
const { Passport } = require('passport')

@@ -6,2 +9,3 @@ const { Strategy } = require('./strategy')

let passport
let httpNodeApp

@@ -36,5 +40,23 @@ module.exports = {

passport = new Passport()
httpNodeApp = app
httpNodeApp.use(session({
// As the session is only used across the life-span of an auth
// hand-shake, we can use a instance specific random string
secret: crypto.randomBytes(20).toString('hex'),
resave: false,
saveUninitialized: false,
store: new MemoryStore({
checkPeriod: 86400000 // prune expired entries every 24h
})
}))
app.use(passport.initialize())
const callbackURL = `${options.baseURL}/_ffAuth/callback`
// Need to map `options.baseURL` (the editor url) to the node root url.
// We do not support moving node root off / - so we just need to strip off
// any path
const nodeUrl = new URL(options.baseURL)
const callbackURL = `${nodeUrl.origin}/_ffAuth/callback`
const authorizationURL = `${options.forgeURL}/account/authorize`

@@ -41,0 +63,0 @@ const tokenURL = `${options.forgeURL}/account/token`

4

package.json
{
"name": "@flowfuse/nr-launcher",
"version": "2.1.1-9177509-202402210914.0",
"version": "2.1.1-e48f900-202402271756.0",
"description": "FlowFuse Launcher for running Node-RED",

@@ -53,4 +53,6 @@ "exports": {

"express": "^4.18.2",
"express-session": "^1.18.0",
"got": "^11.8.6",
"json-stringify-safe": "5.0.1",
"memorystore": "^1.6.7",
"oauth": "^0.9.15",

@@ -57,0 +59,0 @@ "parse-prometheus-text-format": "^1.1.1",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc