@flowfuse/nr-launcher
Advanced tools
Comparing version 2.1.1-9177509-202402210914.0 to 2.1.1-e48f900-202402271756.0
@@ -0,1 +1,4 @@ | ||
const crypto = require('crypto') | ||
const session = require('express-session') | ||
const MemoryStore = require('memorystore')(session) | ||
const { Passport } = require('passport') | ||
@@ -6,2 +9,3 @@ const { Strategy } = require('./strategy') | ||
let passport | ||
let httpNodeApp | ||
@@ -36,5 +40,23 @@ module.exports = { | ||
passport = new Passport() | ||
httpNodeApp = app | ||
httpNodeApp.use(session({ | ||
// As the session is only used across the life-span of an auth | ||
// hand-shake, we can use a instance specific random string | ||
secret: crypto.randomBytes(20).toString('hex'), | ||
resave: false, | ||
saveUninitialized: false, | ||
store: new MemoryStore({ | ||
checkPeriod: 86400000 // prune expired entries every 24h | ||
}) | ||
})) | ||
app.use(passport.initialize()) | ||
const callbackURL = `${options.baseURL}/_ffAuth/callback` | ||
// Need to map `options.baseURL` (the editor url) to the node root url. | ||
// We do not support moving node root off / - so we just need to strip off | ||
// any path | ||
const nodeUrl = new URL(options.baseURL) | ||
const callbackURL = `${nodeUrl.origin}/_ffAuth/callback` | ||
const authorizationURL = `${options.forgeURL}/account/authorize` | ||
@@ -41,0 +63,0 @@ const tokenURL = `${options.forgeURL}/account/token` |
{ | ||
"name": "@flowfuse/nr-launcher", | ||
"version": "2.1.1-9177509-202402210914.0", | ||
"version": "2.1.1-e48f900-202402271756.0", | ||
"description": "FlowFuse Launcher for running Node-RED", | ||
@@ -53,4 +53,6 @@ "exports": { | ||
"express": "^4.18.2", | ||
"express-session": "^1.18.0", | ||
"got": "^11.8.6", | ||
"json-stringify-safe": "5.0.1", | ||
"memorystore": "^1.6.7", | ||
"oauth": "^0.9.15", | ||
@@ -57,0 +59,0 @@ "parse-prometheus-text-format": "^1.1.1", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
548667
3180
16
+ Addedexpress-session@^1.18.0
+ Addedmemorystore@^1.6.7
+ Addedcookie@0.7.2(transitive)
+ Addedcookie-signature@1.0.7(transitive)
+ Addedexpress-session@1.18.1(transitive)
+ Addedlru-cache@4.1.5(transitive)
+ Addedmemorystore@1.6.7(transitive)
+ Addedon-headers@1.0.2(transitive)
+ Addedpseudomap@1.0.2(transitive)
+ Addedrandom-bytes@1.0.0(transitive)
+ Addeduid-safe@2.1.5(transitive)
+ Addedyallist@2.1.2(transitive)