fix(session): update session middleware configuration

- Changed session middleware settings to resave sessions when uninitialized and prevent saving uninitialized sessions.
- Updated cookie settings to enable httpOnly and set secure to false, enhancing security measures for session management.

worklenz-backend/src/middlewares/session-middleware.ts

@@ -9,8 +9,8 @@ export default session({
   name: process.env.SESSION_NAME,
   secret: process.env.SESSION_SECRET || "development-secret-key",
   proxy: false,
-  resave: false,
-  saveUninitialized: true,
+  resave: true,
+  saveUninitialized: false,
   rolling: true,
   store: new pgSession({
     pool: db.pool,
@@ -18,8 +18,8 @@ export default session({
   }),
   cookie: {
     path: "/",
-    // secure: isProduction(),
-    // httpOnly: isProduction(),
+    httpOnly: true,
+    secure: false,
     // sameSite: "none",
     // domain: isProduction() ? ".worklenz.com" : undefined,
     maxAge: 30 * 24 * 60 * 60 * 1000 // 30 days