From 7e80a49ab88f818e5e57238a25ee9c2d72252934 Mon Sep 17 00:00:00 2001
From: Matt Strapp <matt@mattstrapp.net>
Date: Wed, 9 Feb 2022 20:55:44 -0600
Subject: configure CRSF properly

Signed-off-by: Matt Strapp <matt@mattstrapp.net>
---
 src/index.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'src/index.ts')

diff --git a/src/index.ts b/src/index.ts
index e6e083b..e396151 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -13,6 +13,15 @@ const app = express();
 const port: string = env.PORT || '2000';
 
 const csrf = csurf({ cookie: false });
+app.use(session({
+    secret: 'keyboard cat',
+    resave: false,
+    saveUninitialized: true,
+    cookie: {
+        secure: false,
+        maxAge: 1000 * 60 * 60 * 24 * 7,
+    },
+}));
 const rateLimiter = rateLimit({
     windowMs: 1 * 60 * 1000, // 1 minute
     max: 30, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
@@ -38,10 +47,8 @@ app.use(helmet());
 // Add ejs as view engine
 app.set('view engine', 'ejs');
 app.set('views', path.join(__dirname, 'views/pages'));
-
 app.use('/public', express.static(path.join(__dirname, 'public')));
 
-
 app.get('/', csrf, (req: Request, res: Response) => {
     res.render('index', {
         errors: [],
-- 
cgit v1.2.3