[IMPORTANT CHANGE] Switch to session-cookies

Switch from data cookies stored on the device to session-cookies managed by the server more securely
3 years ago · 3ef13335b3
parent de4da7844c
commit 3ef13335b3
2 changed files with 5 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 node_modules
 repo/secret
 sessions
--- a/app.js
+++ b/app.js
@ -5,7 +5,7 @@ const url = require('url');
 const crypto = require('crypto');
 const session = require('express-session');
 const { query } = require('express');
-//const FileStore = require('session-file-store')(session)
+const FileStore = require('session-file-store')(session)
 const app = express();
@ -43,8 +43,8 @@ app.use(session({
    secret: secret.toString(),
    saveUninitialized:false,
    resave:false,
-    cookie: {maxAge: 120000}
+   	//cookie: {maxAge: none}
-    //store:new FileStore()
+    store:new FileStore()
 }));
 function report(str){
@ -454,4 +454,4 @@ app.get('/css/manrope.ttf', (request, response) => {
 const server = http.createServer(app);
-server.listen(8881);
+server.listen(8881);