Add session maxAge
This commit is contained in:
Maki
+13
-11
@@ -29,19 +29,19 @@ if (!fs.existsSync(path.join(process.cwd(), ".env"))) {
|
|||||||
const secret = PasswordGen(24)
|
const secret = PasswordGen(24)
|
||||||
|
|
||||||
const rString = `
|
const rString = `
|
||||||
port=80
|
port=80
|
||||||
altregion=us # the displayed region in each page's header
|
altregion=us # the displayed region in each page's header
|
||||||
|
|
||||||
servicename=File Server # the displayed service name in each page's header
|
servicename=File Server # the displayed service name in each page's header
|
||||||
description=A simple file server built with Express. # the displayed description in the home page
|
description=A simple file server built with Express. # the displayed description in the home page
|
||||||
|
|
||||||
bootmessage=Welcome!
|
bootmessage=Welcome!
|
||||||
|
|
||||||
session_secret=${secret} # the session secret used for logins. you can generate a new secret using the idGen command.
|
session_secret=${secret} # the session secret used for logins. you can generate a new secret using the idGen command.
|
||||||
enable_register=false # it's advised to keep this off unless you're hosting a public instance
|
enable_register=false # it's advised to keep this off unless you're hosting a public instance
|
||||||
|
|
||||||
postwrite_notice=Hi! # the notice on top of the post form
|
postwrite_notice=Hi! # the notice on top of the post form
|
||||||
postwrite_html=false # if enabled, users can use html in posts. this is unsafe! you can set it to true if you trust your users.
|
postwrite_html=false # if enabled, users can use html in posts. this is unsafe! you can set it to true if you trust your users.
|
||||||
`
|
`
|
||||||
|
|
||||||
fs.writeFileSync(path.join(process.cwd(), ".env"), rString);
|
fs.writeFileSync(path.join(process.cwd(), ".env"), rString);
|
||||||
@@ -74,7 +74,7 @@ export var server: Server;
|
|||||||
|
|
||||||
import moment from 'moment-timezone'
|
import moment from 'moment-timezone'
|
||||||
import { Server } from "http";
|
import { Server } from "http";
|
||||||
import session from "express-session";
|
import session, { MemoryStore, Store } from "express-session";
|
||||||
|
|
||||||
var accessLogStream = fs.createWriteStream('./pvfiles/interactions.log', { flags: 'a' });
|
var accessLogStream = fs.createWriteStream('./pvfiles/interactions.log', { flags: 'a' });
|
||||||
|
|
||||||
@@ -88,15 +88,17 @@ try {
|
|||||||
filename: (req, file, cb) =>
|
filename: (req, file, cb) =>
|
||||||
cb(null, `${Date.now()}_${file.originalname}`)
|
cb(null, `${Date.now()}_${file.originalname}`)
|
||||||
})
|
})
|
||||||
upload = multer({storage})
|
upload = multer({ storage })
|
||||||
|
|
||||||
app.use(
|
app.use(
|
||||||
session({
|
session({
|
||||||
name: "session",
|
name: "session",
|
||||||
|
store: new MemoryStore(),
|
||||||
secret: process.env.session_secret,
|
secret: process.env.session_secret,
|
||||||
resave: false,
|
resave: false,
|
||||||
saveUninitialized: false,
|
saveUninitialized: false,
|
||||||
cookie: {
|
cookie: {
|
||||||
|
maxAge: Date.now() + (30 * 24 * 3600 * 1000),
|
||||||
httpOnly: true,
|
httpOnly: true,
|
||||||
sameSite: "lax",
|
sameSite: "lax",
|
||||||
secure: dev
|
secure: dev
|
||||||
|
|||||||
+1
-1
@@ -91,7 +91,7 @@ export async function Main(app: Express) {
|
|||||||
username: user.username
|
username: user.username
|
||||||
};
|
};
|
||||||
|
|
||||||
res.redirect("/");
|
res.redirect(req.query?.next?.toString() ?? "/");
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|||||||
+2
-2
@@ -185,7 +185,7 @@ export async function Main(app: Express) {
|
|||||||
<form action="/posts/new" method="GET">
|
<form action="/posts/new" method="GET">
|
||||||
<button class="tonly">New Post</button>
|
<button class="tonly">New Post</button>
|
||||||
</form>
|
</form>
|
||||||
` : `<p><a href="/login">Log in</a> to create posts.</p>`}
|
` : `<p><a href="/login?next=/posts/new">Log in</a> to create posts.</p>`}
|
||||||
<hr>
|
<hr>
|
||||||
<br>
|
<br>
|
||||||
<div class="postlist_r">
|
<div class="postlist_r">
|
||||||
@@ -202,7 +202,7 @@ export async function Main(app: Express) {
|
|||||||
<p>You must be logged in to create a post.</p>
|
<p>You must be logged in to create a post.</p>
|
||||||
</div>
|
</div>
|
||||||
`, `
|
`, `
|
||||||
<a href="/login">Log in</a> | <a href="/register">Register</a><br><br>
|
<a href="/login?next=/posts/new">Log in</a> | <a href="/register?next=/posts/new">Register</a><br><br>
|
||||||
`))
|
`))
|
||||||
else {
|
else {
|
||||||
return res.send(newpost_string());
|
return res.send(newpost_string());
|
||||||
|
|||||||
+1
-75
@@ -91,81 +91,7 @@ export async function Main(app: Express) {
|
|||||||
if (isnameerror)
|
if (isnameerror)
|
||||||
res.send(register_string(`The username ${username} is already taken!`))
|
res.send(register_string(`The username ${username} is already taken!`))
|
||||||
else
|
else
|
||||||
res.send(`
|
res.redirect(req.query?.next?.toString() ?? "/");
|
||||||
<!DOCTYPE html>
|
|
||||||
|
|
||||||
<body>
|
|
||||||
<style>
|
|
||||||
h1 {
|
|
||||||
font-size: 50
|
|
||||||
}
|
|
||||||
|
|
||||||
body {
|
|
||||||
margin-right: 10%;
|
|
||||||
margin-left: 10%;
|
|
||||||
margin-bottom: 10%;
|
|
||||||
text-align: left;
|
|
||||||
color: black;
|
|
||||||
font-family: Verdana, sans-serif;
|
|
||||||
}
|
|
||||||
|
|
||||||
a:link {
|
|
||||||
color: #3c72a3
|
|
||||||
}
|
|
||||||
|
|
||||||
a:visited {
|
|
||||||
color: #2a567d
|
|
||||||
}
|
|
||||||
|
|
||||||
@media screen and (prefers-color-scheme: dark) {
|
|
||||||
body {
|
|
||||||
background-color: #383737;
|
|
||||||
color: #b0acac;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@media screen and (prefers-color-scheme: light) {
|
|
||||||
body {
|
|
||||||
background-color: #e3e3e3;
|
|
||||||
color: black;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
.description {
|
|
||||||
font-size: 32px
|
|
||||||
}
|
|
||||||
|
|
||||||
.details {
|
|
||||||
font-size: 20px
|
|
||||||
}
|
|
||||||
|
|
||||||
.extra {
|
|
||||||
font-size: 24px
|
|
||||||
}
|
|
||||||
|
|
||||||
</style>
|
|
||||||
<h1>${process.env.servicename || "File Server"}</h1>
|
|
||||||
<div class="details">
|
|
||||||
<p>Server region: ${'(alternate) ' + process.env.altregion}</p>
|
|
||||||
</div><hr><br>
|
|
||||||
<div class="description">
|
|
||||||
${process.env.description || "A simple file server built with Express."}
|
|
||||||
</div>
|
|
||||||
<div class="extra">
|
|
||||||
Account created successfully!<br>
|
|
||||||
${req.session.user ? `
|
|
||||||
<p>Logged in as ${req.session.user.username}<br>
|
|
||||||
<a href=/api/logout>log out</a></p>
|
|
||||||
` : `
|
|
||||||
<a href=/login>Log in</a> | <a href=/register>Register</a><br>
|
|
||||||
`}
|
|
||||||
<br><br>
|
|
||||||
Pages<br>
|
|
||||||
) <a href=/staticfiles>/staticfiles</a><br>
|
|
||||||
) <a href="/">Home</a>
|
|
||||||
</div>
|
|
||||||
</body>
|
|
||||||
`);
|
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
|
|||||||
+1
-1
@@ -145,7 +145,7 @@ export async function Main(app: Express) {
|
|||||||
|
|
||||||
app.get("/upload", async (req: Request, res: Response) => {
|
app.get("/upload", async (req: Request, res: Response) => {
|
||||||
if (!req.session.user)
|
if (!req.session.user)
|
||||||
return res.status(401).send(upload_string("", "You must be <a href=/login>logged in</a> to use this feature."))
|
return res.status(401).send(upload_string("", "You must be <a href=/login?next=/upload>logged in</a> to use this feature."))
|
||||||
else {
|
else {
|
||||||
const user = req.session.user;
|
const user = req.session.user;
|
||||||
return res.send(await upload_string_home(null, null, user))
|
return res.send(await upload_string_home(null, null, user))
|
||||||
|
|||||||
Reference in New Issue
Block a user