update passport to 0.6.0

Signed-off-by: Simon Smith <simonsmith5521@gmail.com>
2023-09-07 08:26:13 +01:00 · 2023-09-07 08:26:13 +01:00 · 403c313771
parent b1d2d1aea9
commit 403c313771
3 changed files with 27 additions and 1 deletions
--- a/meshcentral.js
+++ b/meshcentral.js
@ -3976,7 +3976,7 @@ function mainStart() {
            if (mstsc == false) { config.domains[i].mstsc = false; }
            if (config.domains[i].ssh == true) { if (nodeVersion < 11) { config.domains[i].ssh = false; } ssh = true; }
            if ((typeof config.domains[i].authstrategies == 'object')) {
-                if (passport == null) { passport = ['passport@0.5.3']; } // Passport v0.6.0 is broken with cookie-session, see https://github.com/jaredhanson/passport/issues/904
+                if (passport == null) { passport = ['passport']; } // Passport v0.6.0 requires a patch, see https://github.com/jaredhanson/passport/issues/904
                if ((typeof config.domains[i].authstrategies.twitter == 'object') && (typeof config.domains[i].authstrategies.twitter.clientid == 'string') && (typeof config.domains[i].authstrategies.twitter.clientsecret == 'string') && (passport.indexOf('passport-twitter') == -1)) { passport.push('passport-twitter'); }
                if ((typeof config.domains[i].authstrategies.google == 'object') && (typeof config.domains[i].authstrategies.google.clientid == 'string') && (typeof config.domains[i].authstrategies.google.clientsecret == 'string') && (passport.indexOf('passport-google-oauth20') == -1)) { passport.push('passport-google-oauth20'); }
                if ((typeof config.domains[i].authstrategies.github == 'object') && (typeof config.domains[i].authstrategies.github.clientid == 'string') && (typeof config.domains[i].authstrategies.github.clientsecret == 'string') && (passport.indexOf('passport-github2') == -1)) { passport.push('passport-github2'); }
--- a/webrelayserver.js
+++ b/webrelayserver.js
@ -86,6 +86,19 @@ module.exports.CreateWebRelayServer = function (parent, db, args, certificates,
        }
        if (args.sessiontime != null) { sessionOptions.maxAge = (args.sessiontime * 60000); } // sessiontime is minutes
        obj.app.use(require('cookie-session')(sessionOptions));
+        obj.app.use(function(request, response, next) { // Patch for passport 0.6.0 - https://github.com/jaredhanson/passport/issues/904
+            if (request.session && !request.session.regenerate) {
+                request.session.regenerate = function (cb) {
+                    cb()
+                }
+            }
+            if (request.session && !request.session.save) {
+                request.session.save = function (cb) {
+                    cb()
+                }
+            }
+            next()
+        });

        // Add HTTP security headers to all responses
        obj.app.use(function (req, res, next) {
--- a/webserver.js
+++ b/webserver.js
@ -6115,6 +6115,19 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
        }
        if (obj.args.sessiontime != null) { sessionOptions.maxAge = (obj.args.sessiontime * 60000); } // sessiontime is minutes
        obj.app.use(require('cookie-session')(sessionOptions));
+        obj.app.use(function(request, response, next) { // Patch for passport 0.6.0 - https://github.com/jaredhanson/passport/issues/904
+            if (request.session && !request.session.regenerate) {
+                request.session.regenerate = function (cb) {
+                    cb()
+                }
+            }
+            if (request.session && !request.session.save) {
+                request.session.save = function (cb) {
+                    cb()
+                }
+            }
+            next()
+        });

        // Handle all incoming web sockets, see if some need to be handled as web relays
        obj.app.ws('/*', function (ws, req, next) {