alapa/dist/security/middlewares/manage-cookie-session.js

A cutting-edge web development framework designed to revolutionize the way developers build modern web applications.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.manageCookiesSession = void 0;
const model_1 = require("../../data/model");
const encryption_1 = require("../misc/encryption");
const utils_1 = require("../../utils");
const manageCookiesSession = async (req, res, next) => {
    try {
        if (req.cookies["app-session"]) {
            const id = encryption_1.Encryption.decrypt(req.cookies["app-session"]);
            const session = await model_1.SessionDatabase.findOneBy({
                id: id ?? req.cookies["app-session"],
            });
            if (session) {
                if (id != req.sessionID) {
                    await session.remove();
                }
                else if (session.expiredAt < Date.now()) {
                    await session.remove();
                }
            }
        }
        model_1.SessionDatabase.createQueryBuilder()
            .delete()
            .where("expiredAt < :now", { now: Date.now() })
            .execute()
            .catch((err) => utils_1.Logger.error(err));
        const cookieExpires = new Date(60 * 60 * 60 * 24 * 360000 + Date.now()); //one year
        // eslint-disable-next-line @typescript-eslint/no-unused-expressions
        res.cookie("-session", encryption_1.Encryption.encrypt(req.sessionID)),
            {
                expires: cookieExpires,
                httpOnly: true,
            };
    }
    catch (e) {
        console.log(e);
    }
    next();
};
exports.manageCookiesSession = manageCookiesSession;