Abstract TTLs to settings Object
* Adjust values to shorter, preferred, intervals
* Additional sanity check for idle session from browser blocked and query accept redirect with JavaScript disabled.
* Restore OpenUserJS#1448 *(not found in stderr and new users are okay)*... ends mitigation from OpenUserJS#1449 ... most likely a critical DB failure with mongolabs that should be trapped and handled
* Move destruction to stderr with debug mode only... Applies to OpenUserJS#430

NOTE:
* Unit specific tests... if changed must keep in `m` and `h`. `nominal` replacement and `maximum` addition are in `h`... the rest are `m`

Post OpenUserJS#1471 ... related to OpenUserJS#604
Martii committed Jul 6, 2018
1 parent 2a86df1 commit 762a05b
Showing 4 changed files with 28 additions and 13 deletions.
16 changes: 11 additions & 5 deletions app.js
Expand Up @@ -106,7 +106,7 @@ db.on('connected', function () {
console.log(colors.green('Connected to MongoDB v' + aInfo.version));
});

ttlSanityTimer = setInterval(ttlSanity, 15 * 60 * 1000); // NOTE: Check every n minutes
ttlSanityTimer = setInterval(ttlSanity, settings.ttl.timerSanityExpiry * 60 * 1000); // NOTE: Check every n min
});

db.on('disconnected', function () {
Expand All @@ -122,7 +122,7 @@ db.on('reconnected', function () {
console.error(colors.yellow('MongoDB connection is reconnected'));

if (!ttlSanityTimer) {
ttlSanityTimer = setInterval(ttlSanity, 15 * 60 * 1000); // NOTE: Check every n minutes
ttlSanityTimer = setInterval(ttlSanity, settings.ttl.timerSanityExpiry * 60 * 1000); // NOTE: Check every n min
}
});

Expand Down Expand Up @@ -163,7 +163,7 @@ process.on('SIGINT', function () {
var sessionStore = new MongoStore({
mongooseConnection: db,
autoRemove: 'native',
ttl: 10 * 60 // seconds to minutes ; 14 * 24 * 60 * 60 = 14 days. Default
ttl: settings.ttl.timerSanity * 60 // sec to min; 14 * 24 * 60 * 60 = 14 days. Default
});

// See https://hacks.mozilla.org/2013/01/building-a-node-js-server-that-wont-melt-a-node-js-holiday-season-part-5/
Expand Down Expand Up @@ -524,11 +524,17 @@ function ttlSanity() {
options.sessionList = _.map(options.sessionList, function (aSession) {
var expiry = moment(aSession.cookie.expires);

if (expiry.add(15, 'm').isBefore()) {
if (expiry.add(settings.ttl.timerSanityExpiry, 'm').isBefore() ||
expiry.diff(moment(), 'm')
> settings.ttl.timerSanityExpiry && aSession.user && !aSession.user.roleName
) {
if (aSession.passport && aSession.passport.oujsOptions) {
console.warn('Forcibly destroyed a session id of', aSession.passport.oujsOptions.sid);
if (isDbg) {
console.warn('Forcibly destroyed a session id of', aSession.passport.oujsOptions.sid);
}
sessionStore.destroy(aSession.passport.oujsOptions.sid);
} else {
// NOTE: This should not happen
console.error('Session found to be expired but no sid');
}
}
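Review bot: `expiry.add(settings.ttl.timerSanityExpiry, 'm')` in the new condition mutates the moment object in place, so the `expiry.diff(moment(), 'm')` in the next operand is measured from an expiry already pushed forward by timerSanityExpiry minutes, and the `> settings.ttl.timerSanityExpiry` comparison then holds for any session whose cookie expiry is simply still in the future. If the second check is meant to look at the cookie's real remaining time, evaluate the first operand on a copy, `if (expiry.clone().add(settings.ttl.timerSanityExpiry, 'm').isBefore() ||`, and wrap the second operand in parentheses so the `&&` grouping against `||` is explicit rather than left to operator precedence. The comment on the store ttl line in the earlier hunk, `// sec to min`, describes the opposite of what `* 60` does (minutes to seconds). The enclosing `ttlSanity` function starts before this hunk and continues past it.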
4 changes: 2 additions & 2 deletions controllers/auth.js
Expand Up @@ -154,8 +154,8 @@ exports.auth = function (aReq, aRes, aNext) {

if (aErr) {
console.error('Authfail with no User found of', username, aErr);
// aRes.redirect('/login?usernamefail');
// return;
aRes.redirect('/login?usernamefail');
return;
}

if (aUser) {
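Review bot: Redirecting to `/login?usernamefail` when `aErr` is set reports a failed lookup to the visitor as a bad username, so the database failure the description suspects looks like a typo and gets retried from the login form instead of being surfaced. Since the handler receives `aNext`, passing the error on, `aNext(aErr); return;`, lets the application's error handling report it and keeps the not-found path distinct; if the redirect is kept, a query flag different from the not-found one would at least let the login page tell the two apart. The `console.error` line above already records the failure, so either option loses no diagnostics. The enclosing `exports.auth` function starts before this hunk and continues past it.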
8 changes: 5 additions & 3 deletions libs/modifySessions.js
Expand Up @@ -8,6 +8,8 @@ var isDbg = require('../libs/debug').isDbg;
//--- Library inclusions
var moment = require('moment');

var settings = require('../models/settings.json');

//
// This library allows for the modifications of user sessions
var async = require('async');
Expand Down Expand Up @@ -68,7 +70,7 @@ exports.add = function (aReq, aUser, aCallback) {
// Expand a single session
exports.expand = function (aReq, aUser, aCallback) {
var expiry = moment(aReq.session.cookie.expires);
var min = 5; // NOTE: Keep this initial timeout in sync with app.js
var min = settings.ttl.minimum;

if (!aUser) {
aCallback('No User');
Expand All @@ -87,7 +89,7 @@ exports.expand = function (aReq, aUser, aCallback) {
}

// NOTE: Expanded timeout minus initial timeout.
expiry = expiry.add(6, 'h').subtract(min, 'm');
expiry = expiry.add(settings.ttl.nominal, 'h').subtract(min, 'm');

aReq.session.cookie.expires = expiry.toDate();
aReq.session.cookie.sameSite = 'strict';
Expand Down Expand Up @@ -116,7 +118,7 @@ exports.extend = function (aReq, aUser, aCallback) {
return;
}

expiry = expiry.add(6 * 2, 'h'); // NOTE: Keep this addition to expanded timeout in sync with app.js
expiry = expiry.add(settings.ttl.maximum, 'h');
aReq.session.passport.oujsOptions.extended = true;

aReq.session.cookie.expires = expiry.toDate();
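Review bot: Dropping the "Keep this initial timeout in sync with app.js" note leaves `var min = settings.ttl.minimum;` undocumented, while the `subtract(min, 'm')` in the next hunk still assumes the cookie's initial lifetime equals that value; the only initial lifetime visible in this commit is the store ttl in app.js, which now reads `settings.ttl.timerSanity` (7) rather than `minimum` (5), so the two can drift without anything flagging it. A one-line note such as `var min = settings.ttl.minimum; // NOTE: must equal the initial cookie maxAge in minutes` would keep the coupling visible. Separately, `require('../models/settings.json')` pulls the whole settings file, which also holds the session secret and the database connection string, into a library that only needs timing constants; keeping the ttl values in a separate, non-secret file would narrow what each module has in hand. The `expand` and `extend` functions each start or end outside their hunks.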
13 changes: 10 additions & 3 deletions models/settings.json
@@ -1,5 +1,12 @@
{
"secret" : "someSecretStringForSession",
"connect" : "mongodb://dev:oujs@ds041651.mongolab.com:41651/openuserjs_dev",
"maximum_upload_script_size": 1048576
"secret" : "someSecretStringForSession",
"connect" : "mongodb://dev:oujs@ds041651.mongolab.com:41651/openuserjs_dev",
"maximum_upload_script_size": 1048576,
"ttl": {
"minimum": 5,
"nominal": 6,
"timerSanity": 7,
"timerSanityExpiry": 11,
"maximum": 18
}
}
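Review bot: The new `ttl` keys carry no units, and JSON allows no comments, so a reader has to trace the call sites to learn that `minimum`, `timerSanity` and `timerSanityExpiry` are minutes while `nominal` and `maximum` are hours, a split that only the commit message records. Putting the unit in the key name (constructed examples: `minimumMinutes`, `nominalHours`) or describing the block where the settings file is documented would stop a future edit from mixing them. A type check on load would also help, since a non-numeric or zero value here reaches `setInterval` and the session store's `ttl` unchecked.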
