Merge pull request 'Increased session longevity and implemented refresh system' (#126) from Session-length-extension into main

Reviewed-on: #126
2025-12-20 10:12:32 -06:00
parent dc3430aa2e 71f9240088
commit 6c2b88352d
3 changed files with 24 additions and 17 deletions
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -10,6 +10,7 @@
      "license": "ISC",
      "dependencies": {
        "@sentry/node": "^10.27.0",
+        "@types/express-session": "^1.18.2",
        "chalk": "^5.6.2",
        "connect-sqlite3": "^0.9.16",
        "cors": "^2.8.5",
@@ -758,7 +759,6 @@
      "version": "1.19.6",
      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.6.tgz",
      "integrity": "sha512-HLFeCYgz89uk22N5Qg3dvGvsv46B8GLvKKo1zKG4NybA8U2DiEO3w9lqGg29t/tfLRJpJ6iQxnVw4OnB7MoM9g==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/connect": "*",
@@ -778,7 +778,6 @@
      "version": "5.0.3",
      "resolved": "https://registry.npmjs.org/@types/express/-/express-5.0.3.tgz",
      "integrity": "sha512-wGA0NX93b19/dZC1J18tKWVIYWyyF2ZjT9vin/NRu0qzzvfVzWjs04iq2rQ3H65vCTQYlRqs3YHfY7zjdV+9Kw==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/body-parser": "*",
@@ -790,7 +789,6 @@
      "version": "5.1.0",
      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-5.1.0.tgz",
      "integrity": "sha512-jnHMsrd0Mwa9Cf4IdOzbz543y4XJepXrbia2T4b6+spXC2We3t1y6K44D3mR8XMFSXMCf3/l7rCgddfx7UNVBA==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/node": "*",
@@ -799,6 +797,15 @@
        "@types/send": "*"
      }
    },
+    "node_modules/@types/express-session": {
+      "version": "1.18.2",
+      "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.18.2.tgz",
+      "integrity": "sha512-k+I0BxwVXsnEU2hV77cCobC08kIsn4y44C3gC0b46uxZVMaXA04lSPgRLR/bSL2w0t0ShJiG8o4jPzRG/nscFg==",
+      "license": "MIT",
+      "dependencies": {
+        "@types/express": "*"
+      }
+    },
    "node_modules/@types/geojson": {
      "version": "7946.0.16",
      "resolved": "https://registry.npmjs.org/@types/geojson/-/geojson-7946.0.16.tgz",
@@ -809,14 +816,12 @@
      "version": "2.0.5",
      "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.5.tgz",
      "integrity": "sha512-r8Tayk8HJnX0FztbZN7oVqGccWgw98T/0neJphO91KkmOzug1KkofZURD4UaD5uH8AqcFLfdPErnBod0u71/qg==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/@types/mime": {
      "version": "1.3.5",
      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
      "integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/@types/morgan": {
@@ -871,21 +876,18 @@
      "version": "6.14.0",
      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.14.0.tgz",
      "integrity": "sha512-eOunJqu0K1923aExK6y8p6fsihYEn/BYuQ4g0CxAAgFc4b/ZLN4CrsRZ55srTdqoiLzU2B2evC+apEIxprEzkQ==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/@types/range-parser": {
      "version": "1.2.7",
      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
      "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/@types/send": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/@types/send/-/send-1.2.0.tgz",
      "integrity": "sha512-zBF6vZJn1IaMpg3xUF25VK3gd3l8zwE0ZLRX7dsQyQi+jp4E8mMDJNGDYnYse+bQhYwWERTxVwHpi3dMOq7RKQ==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/node": "*"
@@ -895,7 +897,6 @@
      "version": "1.15.9",
      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.9.tgz",
      "integrity": "sha512-dOTIuqpWLyl3BBXU3maNQsS4A3zuuoYRNIvYSxxhebPfXg2mzWQEPne/nlJ37yOse6uGgR386uTpdsx4D0QZWA==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/http-errors": "*",
@@ -907,7 +908,6 @@
      "version": "0.17.5",
      "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.5.tgz",
      "integrity": "sha512-z6F2D3cOStZvuk2SaP6YrwkNO65iTZcwA2ZkSABegdkAh/lf+Aa/YQndZVfmEXT5vgAp6zv06VQ3ejSVjAny4w==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@types/mime": "^1",
--- a/api/package.json
+++ b/api/package.json
@@ -13,6 +13,7 @@
  },
  "dependencies": {
    "@sentry/node": "^10.27.0",
+    "@types/express-session": "^1.18.2",
    "chalk": "^5.6.2",
    "connect-sqlite3": "^0.9.16",
    "cors": "^2.8.5",
--- a/api/src/index.ts
+++ b/api/src/index.ts
@@ -55,21 +55,27 @@ if (process.env.DISABLE_GLITCHTIP === "true") {

 //session setup
 import path = require('path');
+// import session = require('express-session');
 import session = require('express-session');
 import passport = require('passport');
 const SQLiteStore = require('connect-sqlite3')(session);

-app.use(session({
+const cookieOptions: session.CookieOptions = {
+  httpOnly: true,
+  sameSite: 'lax',
+  domain: process.env.CLIENT_DOMAIN,
+  maxAge: 1000 * 60 * 60 * 24 * 30, //30 days
+}
+const sessionOptions: session.SessionOptions = {
  secret: 'whatever',
  resave: false,
  saveUninitialized: false,
  store: new SQLiteStore({ db: 'sessions.db', dir: './' }),
-  cookie: {
-    httpOnly: true,
-    sameSite: 'lax',
-    domain: process.env.CLIENT_DOMAIN
+  rolling: true,
+  cookie: cookieOptions
 }
-}));
+
+app.use(session(sessionOptions));
 app.use(passport.authenticate('session'));

 // Mount route modules