Use random session secret instead of config one

Kevin Thomas
2022-04-05 21:27:45 -07:00
parent c1bcc69ee3
commit 7127e473b8
2 changed files with 3 additions and 2 deletions


@@ -4,7 +4,6 @@
"sessionFileStorePath": "sessions", "sessionFileStorePath": "sessions",
"sampleUploadPath": "samples", "sampleUploadPath": "samples",
"maxSampleSize": 10737418240, // In bytes, 10GB by default "maxSampleSize": 10737418240, // In bytes, 10GB by default
"sessionSecret": "CHANGE_THIS",
"logFile": "log/noisedash.log", "logFile": "log/noisedash.log",
"tls": false, // Keep this as false if using an external web server like nginx "tls": false, // Keep this as false if using an external web server like nginx
"tlsKey": "certs/key.pem", "tlsKey": "certs/key.pem",


@@ -6,6 +6,7 @@ const path = require('path')
const cookieParser = require('cookie-parser') const cookieParser = require('cookie-parser')
const config = require('config') const config = require('config')
const history = require('connect-history-api-fallback') const history = require('connect-history-api-fallback')
const crypto = require('crypto')
const authRouter = require('./routes/auth') const authRouter = require('./routes/auth')
const usersRouter = require('./routes/users') const usersRouter = require('./routes/users')
const profilesRouter = require('./routes/profiles') const profilesRouter = require('./routes/profiles')
@@ -30,9 +31,10 @@ app.use('/samples', express.static(path.join(__dirname, '../', config.get('Serve
app.use(history()) app.use(history())
app.use('/samples', express.static(path.join(__dirname, '../', config.get('Server.sampleUploadPath')))) app.use('/samples', express.static(path.join(__dirname, '../', config.get('Server.sampleUploadPath'))))
const sessionSecret = crypto.randomBytes(64).toString('hex')
app.use(session({ app.use(session({
store: new FileStore(fileStoreOptions), store: new FileStore(fileStoreOptions),
secret: config.get('Server.sessionSecret'), secret: sessionSecret,
resave: true, resave: true,
saveUninitialized: true saveUninitialized: true
})) }))
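Review bot: The secret built by `crypto.randomBytes(64).toString('hex')` on the new `const sessionSecret` line lives only in this process's memory, so every restart changes it while `FileStore` keeps the previously issued sessions on disk. Cookies signed under the old secret then fail verification, which logs out every user, and two instances of the server would not accept each other's cookies. If that trade-off is intended, it deserves a comment at the declaration, e.g. `// Per-process secret: a restart invalidates all existing session cookies`. If sessions should survive restarts, an operator-supplied value could take precedence, for example `const sessionSecret = process.env.SESSION_SECRET || crypto.randomBytes(64).toString('hex')` (the variable name is only a suggestion), which still avoids shipping a known default like the removed `CHANGE_THIS`. The definition of `fileStoreOptions` and any cookie settings are outside the hunk.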