diff options
| author | ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-11-02 16:06:53 +0000 |
|---|---|---|
| committer | ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-11-02 16:06:53 +0000 |
| commit | 441c9e85dcb824dba2a44657a31fa29ad71a4ee1 (patch) | |
| tree | e3558477d639a95bb5a24807d2a8174c73e1ac83 /js/lib/security.js | |
| parent | 99b267a9fc4b023e54a9d2c8ec9bd9fe42a32e54 (diff) | |
| download | elgg-441c9e85dcb824dba2a44657a31fa29ad71a4ee1.tar.gz elgg-441c9e85dcb824dba2a44657a31fa29ad71a4ee1.tar.bz2 | |
Refs #2538: Moved js directory to elgg root.
git-svn-id: http://code.elgg.org/elgg/trunk@7189 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'js/lib/security.js')
| -rw-r--r-- | js/lib/security.js | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/js/lib/security.js b/js/lib/security.js new file mode 100644 index 000000000..bdd762560 --- /dev/null +++ b/js/lib/security.js @@ -0,0 +1,70 @@ +/**
+ * Hold security-related data here
+ */
+elgg.provide('elgg.security');
+
+elgg.security.token = {};
+
+elgg.security.setToken = function(json) {
+ //update the convenience object
+ elgg.security.token = json;
+
+ //also update all forms
+ $('[name=__elgg_ts]').val(json.__elgg_ts);
+ $('[name=__elgg_token]').val(json.__elgg_token);
+
+ //also update all links
+ $('[href]').each(function() {
+ this.href = this.href
+ .replace(/__elgg_ts=\d*/, '__elgg_ts=' + json.__elgg_ts)
+ .replace(/__elgg_token=[0-9a-f]*/, '__elgg_token=' + json.__elgg_token);
+ });
+};
+
+/**
+ * Security tokens time out, so lets refresh those every so often
+ * @todo handle error and bad return data
+ */
+elgg.security.refreshToken = function() {
+ elgg.action('ajax/securitytoken', function(data) {
+ elgg.security.setToken(data.output);
+ });
+};
+
+
+/**
+ * Add elgg action tokens to an object or string (assumed to be url data)
+ *
+ * @param {Object|string} data
+ * @return {Object} The new data object including action tokens
+ * @private
+ */
+elgg.security.addToken = function(data) {
+
+ //addToken('data=sofar')
+ if (typeof data == 'string') {
+ var args = [];
+ if(data) {
+ args.push(data);
+ }
+ args.push("__elgg_ts=" + elgg.security.token.__elgg_ts);
+ args.push("__elgg_token=" + elgg.security.token.__elgg_token)
+
+ return args.join('&');
+ }
+
+ //addToken({...})
+ if (typeof data == 'object' || typeof data == 'undefined') {
+ return $.extend(data, elgg.security.token);
+ }
+
+ //addToken(???)
+ throw new TypeError("elgg.security.addToken not implemented for " + (typeof data) + "s");
+};
+
+elgg.security.init = function() {
+ //refresh security token every 5 minutes
+ setInterval(elgg.security.refreshToken, elgg.security.interval);
+};
+
+elgg.register_event_handler('boot', 'system', elgg.security.init);
\ No newline at end of file |