Merge pull request #2650 from strongloop/fix/token-in-context-3x

Fix token middleware crash
2016-08-17 15:05:09 +02:00 · 2016-08-17 15:05:09 +02:00 · 3dfd86f6ff
parent 01a9fa2ab2 edd5275b8b
commit 3dfd86f6ff
4 changed files with 30 additions and 1 deletions
--- a/package.json
+++ b/package.json
@ -63,6 +63,7 @@
    "cookie-parser": "^1.3.4",
    "es5-shim": "^4.1.0",
    "eslint-config-loopback": "^1.0.0",
+    "express-session": "^1.14.0",
    "grunt": "^1.0.1",
    "grunt-browserify": "^5.0.0",
    "grunt-cli": "^1.2.0",
--- a/server/middleware/context.js
+++ b/server/middleware/context.js
@ -3,6 +3,8 @@
 // This file is licensed under the MIT License.
 // License text available at https://opensource.org/licenses/MIT

+var g = require('strong-globalize')();
+
 module.exports = function() {
  throw new Error(g.f(
    '%s middleware was removed in version 3.0. See %s for more details.',
--- a/server/middleware/token.js
+++ b/server/middleware/token.js
@ -125,7 +125,7 @@ function token(options) {
      req.accessToken = token || null;
      rewriteUserLiteral(req, currentUserLiteral);
      var ctx = req.loopbackContext;
-      if (ctx) ctx.set('accessToken', token);
+      if (ctx && ctx.active) ctx.set('accessToken', token);
      next(err);
    });
  };
--- a/test/access-token.test.js
+++ b/test/access-token.test.js
@ -8,6 +8,8 @@ var LoopBackContext = require('loopback-context');
 var contextMiddleware = require('loopback-context').perRequest;
 var loopback = require('../');
 var extend = require('util')._extend;
+var session = require('express-session');
+
 var Token = loopback.AccessToken.extend('MyToken');
 var ds = loopback.createDataSource({ connector: loopback.Memory });
 Token.attachTo(ds);
@ -509,6 +511,30 @@ describe('app.enableAuth()', function() {
        done();
      });
  });
+
+  // See https://github.com/strongloop/loopback-context/issues/6
+  it('checks whether context is active', function(done) {
+    var app = loopback();
+
+    app.enableAuth();
+    app.use(contextMiddleware());
+    app.use(session({
+      secret: 'kitty',
+      saveUninitialized: true,
+      resave: true,
+    }));
+    app.use(loopback.token({ model: Token }));
+    app.get('/', function(req, res) { res.send('OK'); });
+    app.use(loopback.rest());
+
+    request(app)
+      .get('/')
+      .set('authorization', this.token.id)
+      .set('cookie', 'connect.sid=s%3AFTyno9_MbGTJuOwdh9bxsYCVxlhlulTZ.' +
+        'PZvp85jzLXZBCBkhCsSfuUjhij%2Fb0B1K2RYZdxSQU0c')
+      .expect(200, 'OK')
+      .end(done);
+  });
 });

 function createTestingToken(done) {