与nodejs express分享laravel 4会话
我试图从nodejs头上的cookie获取laravel会话id。
我已经尝试了迄今为止:
function nodeDecrypt(data, key, iv) { var decipher = crypto.createDecipheriv('aes-256-cbc', key, iv); var chunks = [] chunks.push(decipher.update(chunk.toString(),'hex','binary')) chunks.push(decipher.final('binary')) return chunks.join('') } var cookie = JSON.parse(new Buffer(req.cookies.gjsess, 'base64')); var iv = new Buffer(cookie.iv, 'base64'); var value = new Buffer(cookie.value, 'base64'); var dec = nodeDecrypt(value, 'YourSecretKey!!!', iv); 但到目前为止,我一直得到Invalid IV length 32 。
YourSecretKey!!! 是laravel 4的app.php中find的关键。
Laravelencryption机制:
protected $cipher = 'rijndael-256'; protected $mode = 'cbc'; protected $block = 32;
…
$payload = $this->getJsonPayload($payload); $value = base64_decode($payload['value']); $iv = base64_decode($payload['iv']); return unserialize($this->stripPadding($this->mcryptDecrypt($value, $iv)));
…
return mcrypt_decrypt($this->cipher, $this->key, $value, $this->mode, $iv);
…
$this->app->bindShared('encrypter', function($app) { return new Encrypter($app['config']['app.key']); });
其他尝试
var cookie = JSON.parse(new Buffer(req.cookies.gjsess, 'base64')); var iv = new Buffer(cookie.iv, 'base64'); var value = new Buffer(cookie.value, 'base64'); var MCrypt = require('mcrypt').MCrypt; var desEcb = new MCrypt('rijndael-256', 'cbc'); desEcb.open('YourSecretKey!!!'); var plaintext = desEcb.decrypt(value, 'base64');
这不会给出错误,但仍然得到无用的数据。
最后我也明白了! 这是我的解决scheme。 为我完美的作品。
// requirements var PHPUnserialize = require('php-unserialize'); // npm install php-unserialize var MCrypt = require('mcrypt').MCrypt; // npm install mcrypt // helper function function ord( string ) { // Return ASCII value of character // // + original by: Kevin van Zonneveld (http://kevin.vanzonneveld.net) return string.charCodeAt(0); } function getSessionIdFromLaravelCookie() { var cookie = JSON.parse(new Buffer(req.cookies.laravel_session, 'base64')); var iv = new Buffer(cookie.iv, 'base64'); var value = new Buffer(cookie.value, 'base64'); var key = "_Encryption Key_"; var rijCbc = new MCrypt('rijndael-256', 'cbc'); rijCbc.open(key, iv); // it's very important to pass iv argument! var decrypted = rijCbc.decrypt(value).toString(); var len = decrypted.length - 1; var pad = ord(decrypted.charAt(len)); var sessionId = PHPUnserialize.unserialize(decrypted.substr(0, decrypted.length - pad)); return sessionId; }
通过@ 7侧扩展答案,我已经提出了以下内容。 这是从laravel cookie中获取会话ID,因为现在它使用aes-256-cbc。
var app = require('express')(); var http = require('http').Server(app); var io = require('socket.io')(http); var cookieParser = require('socket.io-cookie-parser'); var PHPUnserialize = require('php-unserialize'); var Crypto = require('crypto'); io.use(cookieParser()); function getSessionIdFromLaravelCookie(req) { var cookie = JSON.parse(new Buffer(req.cookies.laravel_session, 'base64')); var iv = new Buffer(cookie.iv, 'base64'); var value = new Buffer(cookie.value, 'base64'); var key = "--encryption-key--"; var decipher = Crypto.createDecipheriv('aes-256-cbc', key, iv); decipher.setAutoPadding(false) var dec = Buffer.concat([decipher.update(value), decipher.final()]); var sessionId = PHPUnserialize.unserialize(dec); return sessionId; }