From 27eaa5add5ddfc97053afe41fb44c1116c36addb Mon Sep 17 00:00:00 2001 From: Fabian Jakobs Date: Mon, 12 Oct 2015 12:22:25 +0000 Subject: [PATCH] implement new user content auth for preview --- plugins/c9.preview/preview.handler.js | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/plugins/c9.preview/preview.handler.js b/plugins/c9.preview/preview.handler.js index d59b24bd..3bf1f351 100644 --- a/plugins/c9.preview/preview.handler.js +++ b/plugins/c9.preview/preview.handler.js @@ -39,7 +39,13 @@ define(function(require, exports, module) { session.ws = {}; req.projectSession = session.ws[ws]; - if (!req.projectSession || !req.projectSession.expires || req.projectSession.expires <= Date.now()) { + + if ( + !req.projectSession || + !req.projectSession.expires || + req.projectSession.expires <= Date.now() || + req.projectSession.uid != req.user.id + ) { req.projectSession = session.ws[ws] = { expires: Date.now() + 10000 }; @@ -77,6 +83,7 @@ define(function(require, exports, module) { } req.projectSession.role = role; req.projectSession.pid = project.id; + req.projectSession.uid = req.user.id; var type = project.scm; req.projectSession.type = type; @@ -137,8 +144,8 @@ define(function(require, exports, module) { var path = req.params.path; var url = req.proxyUrl + path; - if (req.session.token) - url += "?access_token=" + encodeURIComponent(req.session.token.id || req.session.token); + if (req.user.code) + url += "?access_token=" + encodeURIComponent(req.user.code); var parsedUrl = parseUrl(url); var httpModule = parsedUrl.protocol == "https:" ? https : http;