authorMatt Strapp <matt@mattstrapp.net>2022-02-10 14:46:30 -0600
committerMatt Strapp <matt@mattstrapp.net>2022-02-10 14:46:37 -0600
commit919c274d78ad9f68bd843c3cdd0a5814fb38e9ef (patch)
treef9ddb10e4fe2babeb9627dbff3689f8bd20b6f0e /src
parentAdd CSRF cookie and make it somewhat secure (diff)
Get rid of express-session and use a cookie instead
Signed-off-by: Matt Strapp <matt@mattstrapp.net>
Diffstat (limited to 'src')
-rw-r--r--src/index.ts11
1 files changed, 0 insertions, 11 deletions
diff --git a/src/index.ts b/src/index.ts
index a456313..9e7d082 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -1,5 +1,4 @@
import express, { Request, Response } from 'express';
-import session from 'express-session';
import rateLimit from 'express-rate-limit';
import slowDown from 'express-slow-down';
import path from 'path';
@@ -7,7 +6,6 @@ import { env } from 'process';
import helmet from 'helmet';
import csurf from 'csurf';
import cookieParser from 'cookie-parser';
-import { randomBytes } from 'crypto';
const app = express();
@@ -16,15 +14,6 @@ const port: string = env.PORT || '2000';
app.use(cookieParser());
const csrf = csurf({ cookie: true });
-app.use(session({
- secret: randomBytes(50).toString('base64'),
- resave: false,
- saveUninitialized: true,
- cookie: {
- secure: false,
- maxAge: 1000 * 60 * 60 * 24 * 7,
- },
-}));
const rateLimiter = rateLimit({
windowMs: 1 * 60 * 1000, // 1 minute
max: 30, // Limit each IP to 100 requests per `window` (here, per 15 minutes)