mirror of
https://github.com/fosrl/pangolin.git
synced 2025-08-04 18:14:53 +02:00
more visual enhancements and use expires instead of max age in cookies
This commit is contained in:
parent
759434e9f8
commit
adef93623d
17 changed files with 151 additions and 137 deletions
|
@ -102,6 +102,8 @@ export async function exchangeSession(
|
|||
|
||||
const token = generateSessionToken();
|
||||
|
||||
let expiresAt: number | null = null;
|
||||
|
||||
if (requestSession.userSessionId) {
|
||||
const [res] = await db
|
||||
.select()
|
||||
|
@ -118,6 +120,7 @@ export async function exchangeSession(
|
|||
expiresAt: res.expiresAt,
|
||||
sessionLength: SESSION_COOKIE_EXPIRES
|
||||
});
|
||||
expiresAt = res.expiresAt;
|
||||
}
|
||||
} else if (requestSession.accessTokenId) {
|
||||
const [res] = await db
|
||||
|
@ -140,8 +143,12 @@ export async function exchangeSession(
|
|||
expiresAt: res.expiresAt,
|
||||
sessionLength: res.sessionLength
|
||||
});
|
||||
expiresAt = res.expiresAt;
|
||||
}
|
||||
} else {
|
||||
const expires = new Date(
|
||||
Date.now() + SESSION_COOKIE_EXPIRES
|
||||
).getTime();
|
||||
await createResourceSession({
|
||||
token,
|
||||
resourceId: resource.resourceId,
|
||||
|
@ -152,11 +159,10 @@ export async function exchangeSession(
|
|||
whitelistId: requestSession.whitelistId,
|
||||
accessTokenId: requestSession.accessTokenId,
|
||||
doNotExtend: false,
|
||||
expiresAt: new Date(
|
||||
Date.now() + SESSION_COOKIE_EXPIRES
|
||||
).getTime(),
|
||||
expiresAt: expires,
|
||||
sessionLength: RESOURCE_SESSION_COOKIE_EXPIRES
|
||||
});
|
||||
expiresAt = expires;
|
||||
}
|
||||
|
||||
const cookieName = `${config.getRawConfig().server.session_cookie_name}`;
|
||||
|
@ -164,7 +170,8 @@ export async function exchangeSession(
|
|||
cookieName,
|
||||
resource.fullDomain!,
|
||||
token,
|
||||
!resource.ssl
|
||||
!resource.ssl,
|
||||
expiresAt ? new Date(expiresAt) : undefined
|
||||
);
|
||||
|
||||
logger.debug(JSON.stringify("Exchange cookie: " + cookie));
|
||||
|
|
|
@ -384,7 +384,7 @@ async function createAccessTokenSession(
|
|||
tokenItem: ResourceAccessToken
|
||||
) {
|
||||
const token = generateSessionToken();
|
||||
await createResourceSession({
|
||||
const sess = await createResourceSession({
|
||||
resourceId: resource.resourceId,
|
||||
token,
|
||||
accessTokenId: tokenItem.accessTokenId,
|
||||
|
@ -397,7 +397,8 @@ async function createAccessTokenSession(
|
|||
cookieName,
|
||||
resource.fullDomain!,
|
||||
token,
|
||||
!resource.ssl
|
||||
!resource.ssl,
|
||||
new Date(sess.expiresAt)
|
||||
);
|
||||
res.appendHeader("Set-Cookie", cookie);
|
||||
logger.debug("Access token is valid, creating new session");
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue