1"use strict";
2var __importDefault = (this && this.__importDefault) || function (mod) {
3 return (mod && mod.__esModule) ? mod : { "default": mod };
4};
5Object.defineProperty(exports, "__esModule", { value: true });
6const crypto_random_string_1 = __importDefault(require("crypto-random-string"));
7const cookie_session_1 = __importDefault(require("cookie-session"));
8const log_1 = __importDefault(require("./log"));
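/**
 * Chooses the signing configuration for the session cookie.
 *
 * Resolution order:
 *   1. `opts.secret` supplied by the caller -> signed with that secret.
 *   2. NODE_ENV === "test"                  -> unsigned, no secret.
 *   3. NODE_ENV === "development"           -> signed with a fixed, publicly
 *                                              known placeholder secret.
 *   4. anything else (including unset)      -> signed with a random secret
 *                                              generated for this process.
 *
 * NOTE(review): the log messages mention a SESSION_SECRET environment
 * variable, but this function only reads `opts.secret`; presumably the caller
 * maps the variable into `opts` - confirm.
 *
 * @param {{ secret?: string }} [opts] - Session options.
 * @returns {{ secret: string | undefined, signed: boolean }} Values to merge
 *   into the cookie-session options.
 */
function secret(opts = {}) {
  if (opts.secret) {
    // The caller's secret is used as-is; its length and randomness are not
    // checked here, so a weak value yields weakly protected cookies.
    return { secret: opts.secret, signed: true };
  }

  const nodeEnv = process.env.NODE_ENV;

  // Don't sign session when testing as the http client in Node < 10 does not
  // properly handle multiple set-cookie headers.
  // Caveat: an unsigned session cookie has no integrity protection, so a
  // client can alter its contents. A deployment started with NODE_ENV=test
  // would accept such cookies.
  if (nodeEnv === "test") {
    return { signed: false, secret: undefined };
  }

  if (nodeEnv === "development") {
    // The placeholder below is public knowledge, so signatures made with it
    // prove nothing. This branch must never be reachable on an exposed host.
    log_1.default.info(`SESSION_SECRET env not set - using default secret for development.`);
    return {
      secret: "insecure",
      signed: true,
    };
  }

  log_1.default.info(`SESSION_SECRET env not set - generating a random secret for production.`);
  log_1.default.info(`NOTE: Set a secret to keep sessions across server restarts and to allow horizontal scaling.`);

  // 32 characters from crypto-random-string's default hex alphabet give
  // 128 bits of entropy. The previous length of 20 gave only 80 bits, which
  // is below the usual minimum for a MAC key.
  return {
    secret: crypto_random_string_1.default({ length: 32 }),
    signed: true,
  };
}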
/**
 * Creates the cookie-session middleware that handles sessions.
 *
 * Option precedence, lowest to highest: the defaults set here (cookie name
 * "session", 24 hour lifetime), then the caller's `opts`, then the
 * `secret`/`signed` pair computed by `secret(opts)`. A `signed` value passed
 * in `opts` is therefore always overridden.
 *
 * Security notes:
 *  - cookie-session keeps the session data in the cookie itself. Signing
 *    protects integrity only, so the contents remain readable by the client.
 *  - `secure` and `sameSite` are not set here; they come from `opts` or from
 *    cookie-session's own defaults.
 *
 * @param {object} [opts] - Options forwarded to cookie-session.
 * @returns {Function} The session middleware.
 */
exports.default = (opts) => {
  const oneDayMs = 24 * 60 * 60 * 1000;
  const sessionOptions = {
    name: "session",
    maxAge: oneDayMs,
    ...opts,
    // Spread last so the computed signing config always wins.
    ...secret(opts),
  };
  return cookie_session_1.default(sessionOptions);
};
45//# sourceMappingURL=session.js.map