bo/worklenz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(session): update session middleware configuration

Browse Source 
- Changed session middleware settings to resave sessions when uninitialized and prevent saving uninitialized sessions.
- Updated cookie settings to enable httpOnly and set secure to false, enhancing security measures for session management.
This commit is contained in:
chamikaJ
2025-05-29 16:48:25 +05:30
parent 6a2e9afff8
commit a3d5e63635
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
worklenz-backend/src/middlewares/session-middleware.ts
View File

@@ -9,8 +9,8 @@ export default session({
name: process.env.SESSION_NAME, name: process.env.SESSION_NAME,
secret: process.env.SESSION_SECRET || "development-secret-key", secret: process.env.SESSION_SECRET || "development-secret-key",
proxy: false, proxy: false,
resave: false, resave: true,
saveUninitialized: true, saveUninitialized: false,
rolling: true, rolling: true,
store: new pgSession({ store: new pgSession({
pool: db.pool, pool: db.pool,
@@ -18,8 +18,8 @@ export default session({
}), }),
cookie: { cookie: {
path: "/", path: "/",
// secure: isProduction(), httpOnly: true,
// httpOnly: isProduction(), secure: false,
// sameSite: "none", // sameSite: "none",
// domain: isProduction() ? ".worklenz.com" : undefined, // domain: isProduction() ? ".worklenz.com" : undefined,
maxAge: 30 * 24 * 60 * 60 * 1000 // 30 days maxAge: 30 * 24 * 60 * 60 * 1000 // 30 days