Codeigniter reads cookie session in nodejs

Question

Codeigniter reads cookie session in nodejs

I am building an application with codeigniter and implementing nodejs for things in real time. I want to check if a user is registered with nodejs. With the code below, I can get the codeigniter session id on the nodejs server:

var server = require('https').createServer(options, function(request, response){ var cookies=(function(str){ var result={}; str.split(/;\s+/).forEach(function(e){ var parts=e.split(/=/,2); result[parts[0]]=parts[1]||''; }); return result; })(request.headers.cookie), sessionCookieName='ci_session', sessionId=cookies[sessionCookieName]||''; console.log(sessionId); }).listen(8080);

The codeigniter session is stored in the database, and encryption is set to true. And sess_match_ip = TRUE, sess_match_useragent = TRUE;

Now my question is: what is a good way to check if a user is logged in? I installed the node-mysql client. I know that CI does something like:

 SELECT * FROM (`ci_sessions`) WHERE `session_id` = 'blabla' AND `ip_address` = '127.0.0.1' AND `user_agent` = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2'

How to decrypt a session id and check if it matches with db?

Thanks in advance

George

+7

node.js php mysql codeigniter session

georgesamper Dec 02 '11 at 1:36

source share

2 answers

To add TrexXx to the answer, I found that using the php-unserialize extension (npm install php-unserialize) leads to a better browser transition. The request will receive results from an unserialized object, which is much more reliable:

 var leSessionObj = require('php-unserialize').unserialize(sessionId);

Then

 var query = 'select * from ci_sessions where session_id=' + leSessionObj.session_id + ' and ip_address=' + leSessionObj.ip_address + ' and user_agent=' + leSessionObj.user_agent;

0

Antonio Max Jul 08 '13 at 2:00

source share

Trexxx · Accepted Answer · 2011-12-02T09:40:36+0000

To decrypt a cookie using node.js, I think the easiest way is to directly access the CodeIgniter application through the command. So, create a controller with the decrypt function (for example):

 class Welcome extends CI_Controller { public function decrypt($toDescrypt) { $this->load->library('encrypt'); $toDescrypt = urldecode($toDescrypt); echo $this->encrypt->decode($toDescrypt); } }

And in node.js:

 var exec = require('child_process').exec; var mysql = require('mysql'); var client = mysql.createClient({ user: 'root', password: '' }); var server = require('http').createServer(function(request, response){ var cookies=(function(str){ var result={}; str.split(/;\s+/).forEach(function(e){ var parts=e.split(/=/,2); result[parts[0]]=parts[1]||''; }); return result; })(request.headers.cookie), sessionCookieName='ci_session', sessionId=cookies[sessionCookieName]||''; //Execute the PHP code which will decrypt your sessionId and then you can use it to make your request var result = exec('php index.php welcome decrypt ' + sessionId, function(error, stdout, stderr) { var parts = stdout.split(';') var session_id = parts[1].split(':')[2]; var ip_address = parts[3].split(':')[2]; var user_agent = parts[5].split(':')[2] + ';' + parts[6] + ';' + parts[7]; var query = 'select * from ci_sessions where session_id=' + session_id + ' and ip_address=' + ip_address + ' and user_agent=' + user_agent; client.query('use test'); client.query(query, function(err, results, fields) { console.log(results[0].user_data); client.end(); }); }); }).listen(8080);

Codeigniter reads cookie session in nodejs

More articles: