1 | "use strict";
|
2 | var __importDefault = (this && this.__importDefault) || function (mod) {
|
3 | return (mod && mod.__esModule) ? mod : { "default": mod };
|
4 | };
|
5 | Object.defineProperty(exports, "__esModule", { value: true });
|
6 | const crypto_random_string_1 = __importDefault(require("crypto-random-string"));
|
7 | const cookie_session_1 = __importDefault(require("cookie-session"));
|
8 | const log_1 = __importDefault(require("./log"));
|
9 | function secret(opts = {}) {
|
10 | if (opts.secret) {
|
11 |
|
12 | return { secret: opts.secret, signed: true };
|
13 | }
|
14 |
|
15 |
|
16 | const signed = process.env.NODE_ENV !== "test";
|
17 | if (!signed) {
|
18 | return { signed: false, secret: undefined };
|
19 | }
|
20 | if (process.env.NODE_ENV === "development") {
|
21 | log_1.default.info(`SESSION_SECRET env not set - using default secret for development.`);
|
22 | return {
|
23 | secret: "insecure",
|
24 | signed: true
|
25 | };
|
26 | }
|
27 | log_1.default.info(`SESSION_SECRET env not set - generating a random secret for production.`);
|
28 | log_1.default.info(`NOTE: Set a secret to keep sessions across server restarts and to allow horizontal scaling.`);
|
29 | return {
|
30 | secret: crypto_random_string_1.default({ length: 20 }),
|
31 | signed: true
|
32 | };
|
33 | }
|
34 |
|
35 |
|
36 |
|
37 | exports.default = (opts) => {
|
38 | return cookie_session_1.default({
|
39 | name: "session",
|
40 | maxAge: 24 * 60 * 60 * 1000,
|
41 | ...opts,
|
42 | ...secret(opts)
|
43 | });
|
44 | };
|
45 |
|
\ | No newline at end of file |