Added session changer, more comments, BREAKING: renamed noLogging to noHttpLogging

2020-11-18 22:14:33 +01:00
parent 33214c83e8
commit cfa8c654b0
10 changed files with 83 additions and 15 deletions
--- a/src/auto-reload.ts
+++ b/src/auto-reload.ts
@@ -52,7 +52,7 @@ if (!DefaultConfig.isProduction) {
 	});

 	router.get("/auto-reload", (req, res) => {
-		req.noLogging = true;
+		req.noHttpLogging = true;
 		res.json({uuid});
 	});
 }
--- a/src/config.ts
+++ b/src/config.ts
@@ -24,9 +24,9 @@ const envs = {
 	USERINFO_HEADER: env.get('USERINFO_HEADER').default("X-Userinfo-Token").asString(),
 	// base url to init a logout or request user info
 	AUTH_PROXY_URL: env.get('AUTH_PROXY_URL').asString() || undefined,
-	// override base url to request user info
+	// override AUTH_PROXY_URL to request user info
 	AUTH_PROXY_USERINFO_URL: env.get('AUTH_PROXY_USERINFO_URL').asString() || undefined,
-	// override base url to init a logout
+	// override AUTH_PROXY_URL to init a logout
 	AUTH_PROXY_INIT_LOGOUT_URL: env.get('AUTH_PROXY_INIT_LOGOUT_URL').asString() || undefined,
 };

--- a/src/logging.ts
+++ b/src/logging.ts
@@ -47,7 +47,7 @@ export const HttpLogger: RequestHandler = (req, res, next) => {
 		const status = colorFunction(res.statusCode.toString(10));
 		const method = req.method.toUpperCase().padEnd(6, " ");
 		const responseTime = (Date.now()-start).toString(10).padStart(3, " ");
-		if (!req.noLogging)
+		if (!req.noHttpLogging)
 			Logger.http(`${status} ${method} ${responseTime}ms ${path}`);
 		end.apply(res, args);
 	};
--- a/src/session.ts
+++ b/src/session.ts
@@ -2,7 +2,8 @@ import * as session from 'express-session';
 import {Store} from 'express-session';
 import {DefaultConfig, Redis} from '.';
 import * as redisStore from "connect-redis";
-import {RequestHandler} from 'express';
+import {RequestHandler, Router} from 'express';
+import {promisify} from "util";


 let sessionStore: Store|undefined = undefined;
@@ -13,14 +14,35 @@ function getRouter(options?: Partial<session.SessionOptions>): RequestHandler {
 		const RedisStore = redisStore(session);
 		sessionStore = new RedisStore({client: Redis.client});
 	}
-	return session({
+	const router = Router();
+	router.use(session({
 		store: sessionStore,
 		secret: DefaultConfig.SESSION_SECRET || 'keyboard cat',
 		resave: false,
 		saveUninitialized: true,
 		cookie: {secure: false},
 		...options,
+	}));
+	router.use((req, res, next) => {
+		// throws if error occurred
+		req.setSessionById = async sessionId => {
+			const sessionStore = (req as { sessionStore?: session.Store }).sessionStore;
+			if (sessionStore) {
+				const getSession = promisify(sessionStore.get);
+				const session = await getSession(sessionId);
+				if (session) {
+					sessionStore.createSession(req, session);
+					return true; // success
+				} else {
+					return false; // session id not found
+				}
+			} else {
+				return false; // no session store present
+			}
+		};
+		next();
 	});
+	return router;
 }

 export const Session = {
--- a/src/types/extend-request.d.ts
+++ b/src/types/extend-request.d.ts
@@ -3,12 +3,18 @@
 declare global {
 	namespace Express {
 		interface Request {
+			// fetch user info (needs AuthProxy and some headers)
 			getUserInfo(): Promise<import('..').UserInfo|undefined>;
-			noLogging: boolean|undefined;
-			permissionDetails?: import('role-acl').Permission;
+			// fetch user info (needed for HttpLogger)
+			noHttpLogging: boolean|undefined;
+			// permission details (after a Permission route)
+			permissionDetails: import('role-acl').Permission;
+			// switch session to another user;does not close old session (after Session router)
+			setSessionById(sessionId: string): Promise<boolean>;
 		}

 		interface Response {
+			// initialize a logout (needs AuthProxy and some headers)
 			initLogout(): boolean;
 		}
 	}