TheCloud/PronounsPage
1
0
Fork 0
mirror of https://gitlab.com/PronounsPage/PronounsPage.git synced 2025-09-23 12:43:48 -04:00
Code Issues Packages Projects Releases Wiki Activity

(cookies) use longTimeCookieSetting in server routes

Browse Source
This commit is contained in:
Valentyne Stigloher 2024-04-26 18:33:11 +02:00
parent a4590eb192
commit 58a933d9b8
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
server/routes/mfa.js
View File

@ -10,7 +10,7 @@ import {
fetchLoginAttempts,
saveLoginAttempts,
} from './user.js';
import cookieSettings from '../../src/cookieSettings.ts';
import { longtimeCookieSetting } from '../../src/cookieSettings.ts';
import auditLog from '../audit.ts';
@ -79,7 +79,7 @@ router.post('/mfa/init', handleErrorAsync(async (req, res) => {
await auditLog(req, 'auth/mfa_initialised');
return res.cookie('token', token, cookieSettings).json(recoveryCodes);
return res.cookie('token', token, longtimeCookieSetting).json(recoveryCodes);
}));
router.post('/mfa/validate', handleErrorAsync(async (req, res) => {
@ -96,7 +96,7 @@ router.post('/mfa/validate', handleErrorAsync(async (req, res) => {
const token = await issueAuthentication(req.db, req.rawUser, true, false, { mfa: false, mfaRequired: false });
await auditLog(req, 'auth/mfa_recovery_successful');
return res.cookie('token', token, cookieSettings).json({ token });
return res.cookie('token', token, longtimeCookieSetting).json({ token });
}
}
@ -133,7 +133,7 @@ router.post('/mfa/validate', handleErrorAsync(async (req, res) => {
const token = await issueAuthentication(req.db, req.rawUser, true, false, { mfaRequired: false });
await auditLog(req, 'auth/mfa_validation_successful');
return res.cookie('token', token, cookieSettings).json({ token });
return res.cookie('token', token, longtimeCookieSetting).json({ token });
}));
router.post('/mfa/disable', handleErrorAsync(async (req, res) => {
@ -146,7 +146,7 @@ router.post('/mfa/disable', handleErrorAsync(async (req, res) => {
const token = await issueAuthentication(req.db, req.user);
await auditLog(req, 'auth/mfa_disabled');
return res.cookie('token', token, cookieSettings).json({ token });
return res.cookie('token', token, longtimeCookieSetting).json({ token });
}));
export default router;

12
server/routes/user.js
View File

@ -8,7 +8,7 @@ import mailer from '../../src/mailer.ts';
import { loadSuml } from '../loader.ts';
import avatar from '../avatar.ts';
import { config as socialLoginConfig, handlers as socialLoginHandlers, lookup as socialLookup } from '../social.ts';
import cookieSettings from '../../src/cookieSettings.ts';
import { longtimeCookieSetting } from '../../src/cookieSettings.ts';
import { validateCaptcha } from '../captcha.ts';
import assert from 'assert';
import { addMfaInfo } from './mfa.js';
@ -280,7 +280,7 @@ const reloadUser = async (req, res, next) => {
req.user.mfa !== dbUser.mfa
) {
const token = await issueAuthentication(req.db, dbUser, false);
res.cookie('token', token, cookieSettings);
res.cookie('token', token, longtimeCookieSetting);
req.rawUser = jwt.validate(token);
req.user = req.rawUser;
}
@ -337,7 +337,7 @@ export const loadCurrentUser = async (req, res) => {
const token = await issueAuthentication(req.db, dbUser, false);
if (req.query.no_cookie === undefined) {
res.cookie('token', token, cookieSettings);
res.cookie('token', token, longtimeCookieSetting);
}
req.rawUser = jwt.validate(token);
req.user = req.rawUser;
@ -658,12 +658,12 @@ router.get('/user/social/:provider', handleErrorAsync(async (req, res) => {
return `${host}/api/user/social-redirect-callback/${encodeURIComponent(token)}`;
};
return res.cookie('token', token, cookieSettings).redirect(buildRedirectUrl());
return res.cookie('token', token, longtimeCookieSetting).redirect(buildRedirectUrl());
}));
// happens on locale
router.get('/user/social-redirect-callback/:token', handleErrorAsync(async (req, res) => {
res.cookie('token', req.params.token, cookieSettings).redirect(`/${config.user.route}`);
res.cookie('token', req.params.token, longtimeCookieSetting).redirect(`/${config.user.route}`);
}));
router.get('/user/social-connections', handleErrorAsync(async (req, res) => {
@ -737,7 +737,7 @@ router.get('/user/init-universal/:token', handleErrorAsync(async (req, res) => {
return res.json('Already logged in');
}
res.cookie('token', req.params.token, cookieSettings);
res.cookie('token', req.params.token, longtimeCookieSetting);
return res.json('Token saved');
}));