From ba5f36fb91068c3a4bfc9d69bd6a79286eca7d69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Bajto=C5=A1?= Date: Wed, 17 Aug 2016 14:41:48 +0200 Subject: [PATCH 1/2] loopback#context: fix missing "g" symbol --- server/middleware/context.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/server/middleware/context.js b/server/middleware/context.js index 2953252b..9b737328 100644 --- a/server/middleware/context.js +++ b/server/middleware/context.js @@ -3,6 +3,8 @@ // This file is licensed under the MIT License. // License text available at https://opensource.org/licenses/MIT +var g = require('strong-globalize')(); + module.exports = function() { throw new Error(g.f( '%s middleware was removed in version 3.0. See %s for more details.', From edd5275b8b5fc807372e1885e782bf930040f502 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carl=20F=C3=BCrstenberg?= Date: Tue, 16 Aug 2016 13:51:42 +0200 Subject: [PATCH 2/2] Fix token middleware crash Fix token middleware to check if `req.loopbackContext` is active. The context is not active for example when express-session calls setImmediate which breaks CLS. --- package.json | 1 + server/middleware/token.js | 2 +- test/access-token.test.js | 26 ++++++++++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 85e874c4..56839ccf 100644 --- a/package.json +++ b/package.json @@ -63,6 +63,7 @@ "cookie-parser": "^1.3.4", "es5-shim": "^4.1.0", "eslint-config-loopback": "^1.0.0", + "express-session": "^1.14.0", "grunt": "^1.0.1", "grunt-browserify": "^5.0.0", "grunt-cli": "^1.2.0", diff --git a/server/middleware/token.js b/server/middleware/token.js index 21e3b5ca..2ceb701d 100644 --- a/server/middleware/token.js +++ b/server/middleware/token.js @@ -125,7 +125,7 @@ function token(options) { req.accessToken = token || null; rewriteUserLiteral(req, currentUserLiteral); var ctx = req.loopbackContext; - if (ctx) ctx.set('accessToken', token); + if (ctx && ctx.active) ctx.set('accessToken', token); next(err); }); }; diff --git a/test/access-token.test.js b/test/access-token.test.js index 1a02839e..5883d41b 100644 --- a/test/access-token.test.js +++ b/test/access-token.test.js @@ -8,6 +8,8 @@ var LoopBackContext = require('loopback-context'); var contextMiddleware = require('loopback-context').perRequest; var loopback = require('../'); var extend = require('util')._extend; +var session = require('express-session'); + var Token = loopback.AccessToken.extend('MyToken'); var ds = loopback.createDataSource({ connector: loopback.Memory }); Token.attachTo(ds); @@ -509,6 +511,30 @@ describe('app.enableAuth()', function() { done(); }); }); + + // See https://github.com/strongloop/loopback-context/issues/6 + it('checks whether context is active', function(done) { + var app = loopback(); + + app.enableAuth(); + app.use(contextMiddleware()); + app.use(session({ + secret: 'kitty', + saveUninitialized: true, + resave: true, + })); + app.use(loopback.token({ model: Token })); + app.get('/', function(req, res) { res.send('OK'); }); + app.use(loopback.rest()); + + request(app) + .get('/') + .set('authorization', this.token.id) + .set('cookie', 'connect.sid=s%3AFTyno9_MbGTJuOwdh9bxsYCVxlhlulTZ.' + + 'PZvp85jzLXZBCBkhCsSfuUjhij%2Fb0B1K2RYZdxSQU0c') + .expect(200, 'OK') + .end(done); + }); }); function createTestingToken(done) {