|
|
@ -202,6 +202,7 @@ module.exports.startPlatform = async (dtp) => { |
|
|
|
}; |
|
|
|
|
|
|
|
module.exports.startWebServer = async (dtp) => { |
|
|
|
const IS_PRODUCTION = (process.env.NODE_ENV === 'production'); |
|
|
|
dtp.app = module.app = express(); |
|
|
|
|
|
|
|
module.app.set('views', path.join(dtp.config.root, 'app', 'views')); |
|
|
@ -288,6 +289,7 @@ module.exports.startWebServer = async (dtp) => { |
|
|
|
/* |
|
|
|
* Express sessions |
|
|
|
*/ |
|
|
|
|
|
|
|
module.log.info('initializing redis session store'); |
|
|
|
var sessionStore = new RedisSessionStore({ client: module.redis }); |
|
|
|
|
|
|
@ -296,19 +298,28 @@ module.exports.startWebServer = async (dtp) => { |
|
|
|
name: `dtp:${process.env.DTP_SITE_DOMAIN_KEY}.${process.env.NODE_ENV}`, |
|
|
|
secret: process.env.HTTP_SESSION_SECRET, |
|
|
|
resave: true, |
|
|
|
proxy: IS_PRODUCTION, |
|
|
|
saveUninitialized: true, |
|
|
|
cookie: { |
|
|
|
domain: process.env.DTP_SITE_DOMAIN, |
|
|
|
domain: process.env.DTP_SITE_DOMAIN_KEY, |
|
|
|
path: '/', |
|
|
|
httpOnly: true, |
|
|
|
secure: process.env.HTTP_COOKIE_SECURE === 'enabled', |
|
|
|
secure: true, |
|
|
|
sameSite: process.env.HTTP_COOKIE_SAMESITE || false, |
|
|
|
expires: SESSION_DURATION, |
|
|
|
}, |
|
|
|
store: null, |
|
|
|
}; |
|
|
|
module.log.info('configuring session handler', { |
|
|
|
domain: module.sessionConfig.cookie.domain, |
|
|
|
httpOnly: module.sessionConfig.cookie.httpOnly, |
|
|
|
secure: module.sessionConfig.cookie.secure, |
|
|
|
sameSite: module.sessionConfig.cookie.sameSite, |
|
|
|
expires: module.sessionConfig.cookie.expires, |
|
|
|
}); |
|
|
|
module.sessionConfig.store = sessionStore; |
|
|
|
if (process.env.NODE_ENV === 'production') { |
|
|
|
if (IS_PRODUCTION && module.sessionConfig.cookie.secure) { |
|
|
|
module.log.info('session will be trusting first proxy'); |
|
|
|
module.app.set('trust proxy', 1); |
|
|
|
} |
|
|
|
module.app.use(session(module.sessionConfig)); |
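Review bot: The `proxy: IS_PRODUCTION` option in the session config and the `trust proxy` block at the end of this section make the same trust decision in two places under two different conditions. express-session honours `X-Forwarded-Proto` whenever `proxy` is true, regardless of Express's `trust proxy` setting, so in production the header can be trusted even when the `cookie.secure` test leaves `trust proxy` unset; that is only sound if the fronting proxy always overwrites the header and the app port is not reachable directly. Leaving `proxy` undefined makes express-session follow `trust proxy`, so one condition governs both; if the option stays, a comment such as `// proxy:true trusts X-Forwarded-Proto; the reverse proxy must overwrite it` would record the assumption. The page has lost its +/- markers, so which of the paired `domain:` and `secure:` lines is the new side is inferred. If `domain: process.env.DTP_SITE_DOMAIN_KEY` is the new one, confirm that the value is a real hostname for the site, since the same variable is used as an identifier in the cookie name and browsers discard a session cookie whose Domain attribute does not match the host.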
|
|
|