blob: bdd762560b1f0bc4f9588cf548974e11b9916395 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
/**
* Hold security-related data here
*/
elgg.provide('elgg.security');
elgg.security.token = {};
elgg.security.setToken = function(json) {
//update the convenience object
elgg.security.token = json;
//also update all forms
$('[name=__elgg_ts]').val(json.__elgg_ts);
$('[name=__elgg_token]').val(json.__elgg_token);
//also update all links
$('[href]').each(function() {
this.href = this.href
.replace(/__elgg_ts=\d*/, '__elgg_ts=' + json.__elgg_ts)
.replace(/__elgg_token=[0-9a-f]*/, '__elgg_token=' + json.__elgg_token);
});
};
/**
* Security tokens time out, so lets refresh those every so often
* @todo handle error and bad return data
*/
elgg.security.refreshToken = function() {
elgg.action('ajax/securitytoken', function(data) {
elgg.security.setToken(data.output);
});
};
/**
* Add elgg action tokens to an object or string (assumed to be url data)
*
* @param {Object|string} data
* @return {Object} The new data object including action tokens
* @private
*/
elgg.security.addToken = function(data) {
//addToken('data=sofar')
if (typeof data == 'string') {
var args = [];
if(data) {
args.push(data);
}
args.push("__elgg_ts=" + elgg.security.token.__elgg_ts);
args.push("__elgg_token=" + elgg.security.token.__elgg_token)
return args.join('&');
}
//addToken({...})
if (typeof data == 'object' || typeof data == 'undefined') {
return $.extend(data, elgg.security.token);
}
//addToken(???)
throw new TypeError("elgg.security.addToken not implemented for " + (typeof data) + "s");
};
elgg.security.init = function() {
//refresh security token every 5 minutes
setInterval(elgg.security.refreshToken, elgg.security.interval);
};
elgg.register_event_handler('boot', 'system', elgg.security.init);
|
