cookie session 和 https-redirect 提供对 koa 的支持

Author: jysperm

.travis.yml

@@ -5,4 +5,4 @@ node_js:
 
 script:
   - npm test
-  - FRAMEWORK=koa npm test
+  - npm run test-koa

API.md

@@ -204,26 +204,33 @@ AV.Cloud.httpRequest({
 
 ### cookie-session
 
-该中间件提供了在 Express 中维护用户状态的能力。
+该中间件提供了在 Express 或 Koa 中维护用户状态的能力，在 Express 中：
 
 ```javascript
-app.use(AV.Cloud.CookieSession({ secret: 'my secret', maxAge: 3600000, fetchUser: true }));
+app.use(AV.Cloud.CookieSession({secret: 'my secret', maxAge: 3600000, fetchUser: true}));
+```
+
+在 Koa 中（添加 `framework: 'koa'` 参数）：
+
+```javascript
+app.use(AV.Cloud.CookieSession({framework: 'koa', secret: 'my secret', maxAge: 3600000, fetchUser: true}));
 ```
 
 参数包括：
 
+* `koa?: boolean`：返回一个 koa（而不是 express）中间件。
 * `secret: string`：对 Cookie 进行签名的密钥，请选用一个随机字符串。
 * `name?: string`：Cookie 名称，默认为 `avos.sess`。
 * `maxAge?: number`：Cookie 过期时间。
 * `fetchUser?: boolean`：是否自动查询用户信息，默认为 `false`，即不自动查询，这种情况下只能访问用户的 `id` 和 `sessionToken`.
 * `httpOnly?: boolean`: 不允许客户端读写该 Cookie，默认 `false`.
 
-express 的 `Request` 上会有这些属性可用：
+express 的 `Request`（或 koa 的 `ctx.request`）上会有这些属性可用：
 
 * `currentUser?: AV.User`：和当前客户端关联的用户信息（根据 Cookie），如未开启 `cookie-session` 的 `fetchUser` 选项则只可以访问 `id` 和 `sessionToken`.
 * `sessionToken?: string`：和当前客户端关联的 `sessionToken`（根据 Cookie）。
 
-express 的 `Response` 上会有这些属性可用：
+express 的 `Response`（或 koa 的 `ctx.response`）上会有这些属性可用：
 
 * `saveCurrentUser(user: AV.User)`：将当前客户端与特定用户关联（会写入 Cookie）。
 * `clearCurrentUser()`：清除当前客户端关联的用户（删除 Cookie）。
@@ -232,8 +239,16 @@ express 的 `Response` 上会有这些属性可用：
 
 ### https-redirect
 
-该中间件会自动将 HTTP 请求重定向到 HTTPS 上：
+该中间件会自动将 HTTP 请求重定向到 HTTPS 上，在 Express 中：
 
 ```javascript
+app.enable('trust proxy');
 app.use(AV.Cloud.HttpsRedirect());
 ```
+
+Koa 中（添加 `framework: 'koa'` 参数）：
+
+```javascript
+app.proxy = true;
+app.use(AV.Cloud.HttpsRedirect({framework: 'koa'}));
+```

README.md

@@ -22,6 +22,7 @@ npm install leanengine@next --save
 * 网站托管开发指南：<https://leancloud.cn/docs/leanengine_webhosting_guide-node.html>
 * 云函数开发指南：<https://leancloud.cn/docs/leanengine_cloudfunction_guide-node.html>
 * 云引擎命令行工具使用详解：<https://leancloud.cn/docs/leanengine_cli.html>
+* API 参考文档：<https://github.com/leancloud/leanengine-node-sdk/blob/master/API.md>
 
 ## 项目示例
 

lib/leanengine.js

@@ -60,8 +60,21 @@ if (https.globalAgent && https.globalAgent.options) {
   https.globalAgent.options.rejectUnauthorized = false;
 }
 
-AV.Cloud.CookieSession = require('../middleware/cookie-session')(AV);
-AV.Cloud.HttpsRedirect = require('../middleware/https-redirect')(AV);
+AV.Cloud.CookieSession = function(options) {
+  if (options && options.framework == 'koa') {
+    return require('../middleware/cookie-session-koa')(AV)(options);
+  } else {
+    return require('../middleware/cookie-session')(AV)(options);
+  }
+};
+
+AV.Cloud.HttpsRedirect = function(options) {
+  if (options && options.framework == 'koa') {
+    return require('../middleware/https-redirect-koa')(AV)(options);
+  } else {
+    return require('../middleware/https-redirect')(AV)(options);
+  }
+}
 
 function createCloudFunctionRouter(options) {
   options = options || {};

lib/utils.js

@@ -74,3 +74,7 @@ exports.prepareResponseObject = function(res, callback) {
 var getRemoveAddress = exports.getRemoveAddress = function(req) {
   return req.headers['x-real-ip'] || req.headers['x-forwarded-for'] || req.connection.remoteAddress
 };
+
+exports.endsWith = function(str, suffix) {
+  return str.indexOf(suffix, str.length - suffix.length) !== -1;
+};

middleware/cookie-session-koa.js

@@ -0,0 +1,17 @@
+module.exports = function(AV) {
+  return function (options) {
+    var middleware = require('./cookie-session')(AV)(options);
+
+    return function *(next) {
+      yield middleware.bind(null, this.req, this.res);
+
+      this.request.currentUser = this.req.currentUser;
+      this.request.sessionToken = this.req.sessionToken;
+
+      this.response.saveCurrentUser = this.res.saveCurrentUser;
+      this.response.clearCurrentUser = this.res.clearCurrentUser;
+
+      yield next;
+    }
+  };
+};

middleware/cookie-session.js

@@ -1,124 +1,120 @@
-/**
- * update from cookie-sesion middleware
- */
-(function() {
-  'use strict';
-  var Cookies = require('cookies');
-  var onHeaders = require('on-headers');
-  var debug = require('debug')('AV:cookieSession');
-
-  module.exports = function(AV) {
-    return function(opts) {
-      opts = opts || {};
-
-      // name - previously "opts.key"
-      var name = opts.name || opts.key || 'avos:sess';
-
-      // secrets
-      var keys = opts.keys;
-      if (!keys && opts.secret) {
-        keys = [opts.secret];
-      }
+'use strict';
 
-      // defaults
-      if (!opts.overwrite) {
-        opts.overwrite = true;
-      }
-      opts.httpOnly = true;
-      opts.signed = true;
+var Cookies = require('cookies');
+var onHeaders = require('on-headers');
+var debug = require('debug')('AV:cookieSession');
 
-      if (!keys && opts.signed) {
-        throw new Error('.keys required for avos cookie sessions.');
-      }
+module.exports = function(AV) {
+  return function(opts) {
+    opts = opts || {};
 
-      debug('session options %j', opts);
+    // name - previously "opts.key"
+    var name = opts.name || opts.key || 'avos:sess';
 
-      return function cookieSession(req, res, next) {
-        var cookies = req.sessionCookies = new Cookies(req, res, keys);
-        var responseUser;
+    // secrets
+    var keys = opts.keys;
+    if (!keys && opts.secret) {
+      keys = [opts.secret];
+    }
 
-        // 兼容 connect
-        if (!res.req) res.req = req;
-        if (!req.res) req.res = res;
+    // defaults
+    if (!opts.overwrite) {
+      opts.overwrite = true;
+    }
+    opts.httpOnly = true;
+    opts.signed = true;
 
-        // to pass to Session()
-        req.sessionOptions = opts;
-        req.sessionKey = name;
+    if (!keys && opts.signed) {
+      throw new Error('.keys required for avos cookie sessions.');
+    }
 
-        res.saveCurrentUser = function(user) {
-          responseUser = user;
-        };
+    debug('session options %j', opts);
 
-        res.clearCurrentUser = function() {
-          responseUser = null;
-        };
+    return function cookieSession(req, res, next) {
+      var cookies = req.sessionCookies = new Cookies(req, res, keys);
+      var responseUser;
 
-        onHeaders(res, function setHeaders() {
-          var session = null;
+      // 兼容 connect
+      if (!res.req) res.req = req;
+      if (!req.res) req.res = res;
 
-          if (responseUser) {
-            session = {
-              _uid: responseUser.id,
-              _sessionToken: responseUser._sessionToken
-            };
+      // to pass to Session()
+      req.sessionOptions = opts;
+      req.sessionKey = name;
 
-            debug('session %j', session);
-            cookies.set(name, encode(session), opts);
-          } else if (responseUser === null) {
-            debug('clear session');
-            cookies.set(name, '', opts);
-          }
-        });
+      res.saveCurrentUser = function(user) {
+        responseUser = user;
+      };
+
+      res.clearCurrentUser = function() {
+        responseUser = null;
+      };
 
-        var session = {};
-        var json = cookies.get(name, opts);
-        if (json) {
-          session = decode(json);
+      onHeaders(res, function setHeaders() {
+        var session = null;
+
+        if (responseUser) {
+          session = {
+            _uid: responseUser.id,
+            _sessionToken: responseUser._sessionToken
+          };
+
+          debug('session %j', session);
+          cookies.set(name, encode(session), opts);
+        } else if (responseUser === null) {
+          debug('clear session');
+          cookies.set(name, '', opts);
         }
-        var uid = session._uid;
-        var sessionToken = session._sessionToken;
-        req.AV = req.AV || {};
-        if (uid && sessionToken) {
-          AV.Cloud.logInByIdAndSessionToken(uid, sessionToken, opts.fetchUser, function(err, user) {
-            if(err) {
-              debug('sessionToken invalid, uid: %s', uid);
-            } else {
-              req.AV.user = user;
-              req.currentUser = user;
-              req.sessionToken = user.getSessionToken();
-            }
-            return next();
-          });
-        } else {
+      });
+
+      var session = {};
+      var json = cookies.get(name, opts);
+      if (json) {
+        session = decode(json);
+      }
+      var uid = session._uid;
+      var sessionToken = session._sessionToken;
+      req.AV = req.AV || {};
+      if (uid && sessionToken) {
+        AV.Cloud.logInByIdAndSessionToken(uid, sessionToken, opts.fetchUser, function(err, user) {
+          if(err) {
+            debug('sessionToken invalid, uid: %s', uid);
+          } else {
+            req.AV.user = user;
+            req.currentUser = user;
+            req.sessionToken = user.getSessionToken();
+          }
           return next();
-        }
-      };
+        });
+      } else {
+        return next();
+      }
     };
   };
+};
+
+/**
+ * Decode the base64 cookie value to an object.
+ *
+ * @param {String} string
+ * @return {Object}
+ * @private
+ */
+
+function decode(string) {
+  var body = new Buffer(string, 'base64').toString('utf8');
+  return JSON.parse(body);
+}
+
+/**
+ * Encode an object into a base64-encoded JSON string.
+ *
+ * @param {Object} body
+ * @return {String}
+ * @private
+ */
 
-  /**
-   * Decode the base64 cookie value to an object.
-   *
-   * @param {String} string
-   * @return {Object}
-   * @private
-   */
-
-  function decode(string) {
-    var body = new Buffer(string, 'base64').toString('utf8');
-    return JSON.parse(body);
-  }
-
-  /**
-   * Encode an object into a base64-encoded JSON string.
-   *
-   * @param {Object} body
-   * @return {String}
-   * @private
-   */
-
-  function encode(body) {
-    body = JSON.stringify(body);
-    return new Buffer(body).toString('base64');
-  }
-}).call(this);
+function encode(body) {
+  body = JSON.stringify(body);
+  return new Buffer(body).toString('base64');
+}

middleware/https-redirect-koa.js

@@ -0,0 +1,13 @@
+var endsWith = require('../lib/utils').endsWith;
+
+module.exports = function(AV) {
+  return function() {
+    return function *(next) {
+      if ((AV.Cloud.__prod || endsWith(this.request.hostname, '.leanapp.cn')) && (!this.request.secure)) {
+        this.response.redirect('https://' + this.request.hostname + this.request.originalUrl);
+      } else {
+        yield next;
+      }
+    }
+  }
+};

middleware/https-redirect.js

@@ -1,20 +1,15 @@
-// Generated by CoffeeScript 1.8.0
-(function() {
-  'use strict';
-  module.exports = function(AV) {
-    return function() {
-      return function(req, res, next) {
-        if ((AV.Cloud.__prod || endsWith(req.get('host'), '.leanapp.cn')) && (!req.secure)) {
-          return res.redirect('https://' + req.get('host') + req.originalUrl);
-        } else {
-          return next();
-        }
-      };
-    };
-  };
+'use strict';
 
-  function endsWith(str, suffix) {
-    return str.indexOf(suffix, str.length - suffix.length) !== -1;
-  }
+var endsWith = require('../lib/utils').endsWith;
 
-}).call(this);
+module.exports = function(AV) {
+  return function() {
+    return function(req, res, next) {
+      if ((AV.Cloud.__prod || endsWith(req.get('host'), '.leanapp.cn')) && (!req.secure)) {
+        return res.redirect('https://' + req.get('host') + req.originalUrl);
+      } else {
+        return next();
+      }
+    }
+  }
+};