From 7e80a49ab88f818e5e57238a25ee9c2d72252934 Mon Sep 17 00:00:00 2001
From: Matt Strapp
Date: Wed, 9 Feb 2022 20:55:44 -0600
Subject: configure CRSF properly

Signed-off-by: Matt Strapp
---
 package.json | 4 ++--
 src/index.ts | 11 +++++++++--
 src/views/partials/nav.ejs | 1 +
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/package.json b/package.json
index 60d348d..d67b85d 100644
--- a/package.json
+++ b/package.json
@@ -36,10 +36,10 @@
 "tsc": "tsc --project ./tsconfig.json"
 },
 "name": "4951w-pendulum-webapp",
- "version": "0.0.1",
+ "version": "0.1.0",
 "description": "The webapp for Professor Lamperski's Pendulum",
 "main": "dist/index.js",
 "author": "Matt Strapp ",
 "license": "MIT",
 "private": true
-}
+}
\ No newline at end of file
diff --git a/src/index.ts b/src/index.ts
index e6e083b..e396151 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -13,6 +13,15 @@ const app = express();
 const port: string = env.PORT || '2000';
 const csrf = csurf({ cookie: false });
+app.use(session({
+ secret: 'keyboard cat',
+ resave: false,
+ saveUninitialized: true,
+ cookie: {
+ secure: false,
+ maxAge: 1000 * 60 * 60 * 24 * 7,
+ },
+}));
 const rateLimiter = rateLimit({
 windowMs: 1 * 60 * 1000, // 1 minute
 max: 30, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
@@ -38,10 +47,8 @@ app.use(helmet());
 // Add ejs as view engine
 app.set('view engine', 'ejs');
 app.set('views', path.join(__dirname, 'views/pages'));
-
 app.use('/public', express.static(path.join(__dirname, 'public')));
-
 app.get('/', csrf, (req: Request, res: Response) => {
 res.render('index', {
 errors: [],
diff --git a/src/views/partials/nav.ejs b/src/views/partials/nav.ejs
index 2b83518..ab2626b 100644
--- a/src/views/partials/nav.ejs
+++ b/src/views/partials/nav.ejs
@@ -2,5 +2,6 @@
\ No newline at end of file
-- 
cgit v1.2.3
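Review bot: The `secret: 'keyboard cat'` in the new `session({...})` call in src/index.ts is the placeholder from the express-session README and is now committed to the repository, so the session cookie's signature no longer proves anything; load the secret from the environment and refuse to start without it. In the same options, `secure: false` lets the week-long cookie travel over plain HTTP, no `sameSite` is set, and `saveUninitialized: true` stores a session for every visitor, which with no `store` configured presumably means unbounded growth of the default in-memory store. The rate limiter is only defined after this block, so if it is also registered later, throttled clients would still get sessions created. In the sketch below `SESSION_SECRET` and the `NODE_ENV` check are placeholders for however this project configures deployments, and a `secure` cookie behind a reverse proxy also needs `app.set('trust proxy', 1)`.

```typescript
// … unchanged: express(), port and csurf({ cookie: false }) setup …
const sessionSecret = env.SESSION_SECRET; // placeholder variable name
if (!sessionSecret) {
  throw new Error('SESSION_SECRET must be set');
}
app.use(session({
  secret: sessionSecret,
  resave: false,
  saveUninitialized: false,
  cookie: {
    httpOnly: true,
    sameSite: 'lax',
    secure: env.NODE_ENV === 'production',
    maxAge: 1000 * 60 * 60 * 24 * 7,
  },
}));
// … unchanged: rateLimit({ ... }) definition …
```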