swaf/src/components/SessionComponent.ts


import ApplicationComponent from "../ApplicationComponent";
import session from "express-session";
import config from "config";
import RedisComponent from "./RedisComponent";
import flash from "connect-flash";
import {Router} from "express";
import SecurityError from "../SecurityError";
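/**
 * Application component that installs cookie-based sessions (express-session,
 * using the store supplied by a {@link RedisComponent}) and flash messages
 * (connect-flash) on the router, and exposes both to views through
 * `res.locals`.
 */
export default class SessionComponent extends ApplicationComponent<void> {
    private readonly storeComponent: RedisComponent;

    /**
     * @param storeComponent component whose `getStore()` result is used as the session store.
     */
    public constructor(storeComponent: RedisComponent) {
        super();
        this.storeComponent = storeComponent;
    }

    /**
     * Refuses to continue when the session configuration is unsafe.
     *
     * `checkSecurityConfigField` is not defined in this file; presumably it
     * rejects a missing or default `session.secret` (confirm in
     * ApplicationComponent).
     *
     * @throws SecurityError when `session.cookie.secure` is falsy, i.e. the
     * session cookie could be sent over plain HTTP.
     */
    public async checkSecuritySettings(): Promise<void> {
        this.checkSecurityConfigField('session.secret');
        if (!config.get<boolean>('session.cookie.secure')) {
            throw new SecurityError('Cannot set cookie secure field to false.');
        }
    }

    /**
     * Registers the session middleware, the flash middleware, and a middleware
     * that publishes `res.locals.session` and `res.locals.flash`.
     *
     * @param router router the middlewares are attached to.
     */
    public async init(router: Router): Promise<void> {
        router.use(session({
            // NOTE(review): with saveUninitialized: true every visitor gets a
            // stored session and a cookie before authenticating, so the store
            // grows with anonymous traffic. Confirm this is intended.
            saveUninitialized: true,
            secret: config.get('session.secret'),
            store: this.storeComponent.getStore(),
            // NOTE(review): resave: true writes the session back on every
            // request; parallel requests from one client can overwrite each
            // other's changes. Confirm the store needs it.
            resave: true,
            cookie: {
                // Keeps the session id out of reach of page scripts.
                httpOnly: true,
                // A secure cookie is only set on connections Express regards as
                // HTTPS; behind a TLS-terminating proxy that requires the app's
                // 'trust proxy' setting.
                secure: config.get('session.cookie.secure'),
                maxAge: config.get('session.cookie.maxAge'),
                // NOTE(review): no sameSite attribute is set here. Confirm that
                // CSRF protection is provided elsewhere, or set sameSite
                // explicitly.
            },
            // Re-issues the cookie on every response, so the session expires
            // maxAge after the last request rather than after creation.
            rolling: true,
        }));

        router.use(flash());

        router.use((req, res, next) => {
            if (!req.session) {
                throw new Error('Session is unavailable.');
            }

            res.locals.session = req.session;

            // Per-request caches: req.flash() is called at most once per key,
            // and repeated calls from a view return the cached value. A Map is
            // used instead of a plain object so that keys such as 'constructor',
            // 'toString' or '_messages' cannot hit inherited properties or the
            // slot that holds the grouped messages.
            const perKey = new Map<string, unknown>();
            let grouped: Record<string, unknown> | undefined;

            res.locals.flash = (key?: string): unknown => {
                if (key !== undefined) {
                    if (!perKey.has(key)) {
                        perKey.set(key, req.flash(key) || null);
                    }
                    return perKey.get(key);
                }

                if (grouped === undefined) {
                    grouped = {
                        info: req.flash('info'),
                        success: req.flash('success'),
                        warning: req.flash('warning'),
                        error: req.flash('error'),
                    };
                }
                return grouped;
            };

            next();
        });
    }
}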