From f3fa93acb1063be2a2de88a6d2841b5d3a982d85 Mon Sep 17 00:00:00 2001 From: ewinslow Date: Mon, 1 Nov 2010 07:34:24 +0000 Subject: Refs #2538: Pulled in elgg JS object and unit tests git-svn-id: http://code.elgg.org/elgg/trunk@7173 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/js/lib/security.js | 72 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 engine/js/lib/security.js (limited to 'engine/js/lib/security.js') diff --git a/engine/js/lib/security.js b/engine/js/lib/security.js new file mode 100644 index 000000000..f4494111b --- /dev/null +++ b/engine/js/lib/security.js @@ -0,0 +1,72 @@ +/** + * Hold security-related data here + */ +elgg.provide('elgg.security'); + +elgg.security.token = {}; + +elgg.security.init = function() { + //refresh security token every 5 minutes + setInterval(elgg.security.refreshToken, elgg.security.interval); +}; + +elgg.security.setToken = function(json) { + //update the convenience object + elgg.security.token = json; + + //also update all forms + $('[name=__elgg_ts]').val(json.__elgg_ts); + $('[name=__elgg_token]').val(json.__elgg_token); + + //also update all links + $('[href]').each(function() { + this.href = this.href + .replace(/__elgg_ts=\d*/, '__elgg_ts=' + json.__elgg_ts) + .replace(/__elgg_token=[0-9a-f]*/, '__elgg_token=' + json.__elgg_token); + }); +}; + +/** + * Security tokens time out, so lets refresh those every so often + * @todo handle error and bad return data + */ +elgg.security.refreshToken = function() { + elgg.action('ajax/securitytoken', function(data) { + elgg.security.setToken(data.output); + }); +}; + + +/** + * Add elgg action tokens to an object or string (assumed to be url data) + * + * @param {Object|string} data + * @return {Object} The new data object including action tokens + * @private + */ +elgg.security.addToken = function(data) { + + //addToken('data=sofar') + if (typeof data == 'string') { + var args = []; + if(data) { + args.push(data); + } + args.push("__elgg_ts=" + elgg.security.token.__elgg_ts); + args.push("__elgg_token=" + elgg.security.token.__elgg_token) + + return args.join('&'); + } + + //addToken({...}) + if (typeof data == 'object' || typeof data == 'undefined') { + return $.extend(data, elgg.security.token); + } + + //addToken(???) + throw new TypeError("elgg.security.addToken not implemented for " + (typeof data) + "s"); +}; + +$(function() { + elgg.security.init(); +}); \ No newline at end of file -- cgit v1.2.3