From 403c313771ba9e8378a8c6c21c9313c85a3fe074 Mon Sep 17 00:00:00 2001 From: Simon Smith Date: Thu, 7 Sep 2023 08:26:13 +0100 Subject: [PATCH] update passport to 0.6.0 Signed-off-by: Simon Smith --- meshcentral.js | 2 +- webrelayserver.js | 13 +++++++++++++ webserver.js | 13 +++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/meshcentral.js b/meshcentral.js index 981401d7..d3133d7b 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -3976,7 +3976,7 @@ function mainStart() { if (mstsc == false) { config.domains[i].mstsc = false; } if (config.domains[i].ssh == true) { if (nodeVersion < 11) { config.domains[i].ssh = false; } ssh = true; } if ((typeof config.domains[i].authstrategies == 'object')) { - if (passport == null) { passport = ['passport@0.5.3']; } // Passport v0.6.0 is broken with cookie-session, see https://github.com/jaredhanson/passport/issues/904 + if (passport == null) { passport = ['passport']; } // Passport v0.6.0 requires a patch, see https://github.com/jaredhanson/passport/issues/904 if ((typeof config.domains[i].authstrategies.twitter == 'object') && (typeof config.domains[i].authstrategies.twitter.clientid == 'string') && (typeof config.domains[i].authstrategies.twitter.clientsecret == 'string') && (passport.indexOf('passport-twitter') == -1)) { passport.push('passport-twitter'); } if ((typeof config.domains[i].authstrategies.google == 'object') && (typeof config.domains[i].authstrategies.google.clientid == 'string') && (typeof config.domains[i].authstrategies.google.clientsecret == 'string') && (passport.indexOf('passport-google-oauth20') == -1)) { passport.push('passport-google-oauth20'); } if ((typeof config.domains[i].authstrategies.github == 'object') && (typeof config.domains[i].authstrategies.github.clientid == 'string') && (typeof config.domains[i].authstrategies.github.clientsecret == 'string') && (passport.indexOf('passport-github2') == -1)) { passport.push('passport-github2'); } diff --git a/webrelayserver.js b/webrelayserver.js index a7a967ae..66ab2761 100644 --- a/webrelayserver.js +++ b/webrelayserver.js @@ -86,6 +86,19 @@ module.exports.CreateWebRelayServer = function (parent, db, args, certificates, } if (args.sessiontime != null) { sessionOptions.maxAge = (args.sessiontime * 60000); } // sessiontime is minutes obj.app.use(require('cookie-session')(sessionOptions)); + obj.app.use(function(request, response, next) { // Patch for passport 0.6.0 - https://github.com/jaredhanson/passport/issues/904 + if (request.session && !request.session.regenerate) { + request.session.regenerate = function (cb) { + cb() + } + } + if (request.session && !request.session.save) { + request.session.save = function (cb) { + cb() + } + } + next() + }); // Add HTTP security headers to all responses obj.app.use(function (req, res, next) { diff --git a/webserver.js b/webserver.js index f6f2bd6f..864f6d15 100644 --- a/webserver.js +++ b/webserver.js @@ -6115,6 +6115,19 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF } if (obj.args.sessiontime != null) { sessionOptions.maxAge = (obj.args.sessiontime * 60000); } // sessiontime is minutes obj.app.use(require('cookie-session')(sessionOptions)); + obj.app.use(function(request, response, next) { // Patch for passport 0.6.0 - https://github.com/jaredhanson/passport/issues/904 + if (request.session && !request.session.regenerate) { + request.session.regenerate = function (cb) { + cb() + } + } + if (request.session && !request.session.save) { + request.session.save = function (cb) { + cb() + } + } + next() + }); // Handle all incoming web sockets, see if some need to be handled as web relays obj.app.ws('/*', function (ws, req, next) {