diff options
author | Matt Strapp <matt@mattstrapp.net> | 2022-02-10 14:46:30 -0600 |
---|---|---|
committer | Matt Strapp <matt@mattstrapp.net> | 2022-02-10 14:46:37 -0600 |
commit | 919c274d78ad9f68bd843c3cdd0a5814fb38e9ef (patch) | |
tree | f9ddb10e4fe2babeb9627dbff3689f8bd20b6f0e /src | |
parent | Add CSRF cookie and make it somewhat secure (diff) | |
download | ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar.gz ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar.bz2 ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar.lz ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar.xz ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.tar.zst ee4511w-web-919c274d78ad9f68bd843c3cdd0a5814fb38e9ef.zip |
Get rid of express-session and use a cookie instead
Signed-off-by: Matt Strapp <matt@mattstrapp.net>
Diffstat (limited to 'src')
-rw-r--r-- | src/index.ts | 11 |
1 files changed, 0 insertions, 11 deletions
diff --git a/src/index.ts b/src/index.ts index a456313..9e7d082 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,5 +1,4 @@ import express, { Request, Response } from 'express'; -import session from 'express-session'; import rateLimit from 'express-rate-limit'; import slowDown from 'express-slow-down'; import path from 'path'; @@ -7,7 +6,6 @@ import { env } from 'process'; import helmet from 'helmet'; import csurf from 'csurf'; import cookieParser from 'cookie-parser'; -import { randomBytes } from 'crypto'; const app = express(); @@ -16,15 +14,6 @@ const port: string = env.PORT || '2000'; app.use(cookieParser()); const csrf = csurf({ cookie: true }); -app.use(session({ - secret: randomBytes(50).toString('base64'), - resave: false, - saveUninitialized: true, - cookie: { - secure: false, - maxAge: 1000 * 60 * 60 * 24 * 7, - }, -})); const rateLimiter = rateLimit({ windowMs: 1 * 60 * 1000, // 1 minute max: 30, // Limit each IP to 100 requests per `window` (here, per 15 minutes) |