2017-11-15 10:54:12 +08:00
|
|
|
"use strict";
|
|
|
|
|
|
2017-11-10 12:25:23 +08:00
|
|
|
const utils = require('./utils');
|
|
|
|
|
|
|
|
|
|
function setDataKey(req, decryptedDataKey) {
|
2017-11-16 12:39:50 +08:00
|
|
|
req.session.decryptedDataKey = Array.from(decryptedDataKey); // can't store buffer in session
|
2017-11-10 12:25:23 +08:00
|
|
|
req.session.protectedSessionId = utils.randomSecureToken(32);
|
|
|
|
|
|
|
|
|
|
return req.session.protectedSessionId;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-15 10:54:12 +08:00
|
|
|
function getProtectedSessionId(req) {
|
|
|
|
|
return req.headers['x-protected-session-id'];
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-11 11:55:19 +08:00
|
|
|
function getDataKey(req) {
|
2017-11-15 10:54:12 +08:00
|
|
|
const protectedSessionId = getProtectedSessionId(req);
|
2017-11-11 11:55:19 +08:00
|
|
|
|
2017-11-10 12:25:23 +08:00
|
|
|
if (protectedSessionId && req.session.protectedSessionId === protectedSessionId) {
|
|
|
|
|
return req.session.decryptedDataKey;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-15 10:54:12 +08:00
|
|
|
function isProtectedSessionAvailable(req) {
|
|
|
|
|
const protectedSessionId = getProtectedSessionId(req);
|
|
|
|
|
|
|
|
|
|
return protectedSessionId && req.session.protectedSessionId === protectedSessionId;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-10 12:25:23 +08:00
|
|
|
module.exports = {
|
|
|
|
|
setDataKey,
|
2017-11-15 10:54:12 +08:00
|
|
|
getDataKey,
|
|
|
|
|
isProtectedSessionAvailable
|
2017-11-10 12:25:23 +08:00
|
|
|
};
|
