changement config.js et server.js gestion cookie, https et proxy
This commit is contained in:
unfr
parent
01c2f2d35e
commit
04e9d8d372
@ -28,6 +28,9 @@ module.exports = {
|
|||||||
|
|
||||||
// Secret pour la configuration des sessions "curl -L pw.vdx.sh/w/32"
|
// Secret pour la configuration des sessions "curl -L pw.vdx.sh/w/32"
|
||||||
sessionSecret: 'Voir commande ci dessus',
|
sessionSecret: 'Voir commande ci dessus',
|
||||||
|
trustProxy: 0, // 0=pas de proxy, 1=Nginx, 2=Cloudflare->Nginx, etc.
|
||||||
|
cookieSecure: false, // true si HTTPS de bout en bout
|
||||||
|
sessionStorePath: './sessions',
|
||||||
|
|
||||||
// Informations d'authentification
|
// Informations d'authentification
|
||||||
auth: {
|
auth: {
|
||||||
|
|||||||
@ -13,6 +13,15 @@ const chokidar = require('chokidar');
|
|||||||
|
|
||||||
db.testConnection(); // vérification au démarrage
|
db.testConnection(); // vérification au démarrage
|
||||||
|
|
||||||
|
|
||||||
|
function resolveTrustProxy(v) {
|
||||||
|
if (v == null) return 0;
|
||||||
|
if (v === true || v === 'true' || v === 'all') return true;
|
||||||
|
if (typeof v === 'number' || /^\d+$/.test(String(v))) return Number(v);
|
||||||
|
if (Array.isArray(v)) return v;
|
||||||
|
return String(v); // ex: "loopback,uniquelocal,127.0.0.1/8"
|
||||||
|
}
|
||||||
|
|
||||||
const app = express();
|
const app = express();
|
||||||
const port = config.port;
|
const port = config.port;
|
||||||
const background_color = (config?.background_color ?? '').trim() || 'slate-900';
|
const background_color = (config?.background_color ?? '').trim() || 'slate-900';
|
||||||
@ -20,18 +29,27 @@ const background_color = (config?.background_color ?? '').trim() || 'slate-900';
|
|||||||
// Middleware pour parser les formulaires POST
|
// Middleware pour parser les formulaires POST
|
||||||
app.use(express.urlencoded({ extended: true }));
|
app.use(express.urlencoded({ extended: true }));
|
||||||
|
|
||||||
|
app.set('trust proxy', resolveTrustProxy(config.trustProxy));
|
||||||
|
|
||||||
|
/* --- Session 7 jours, expiration glissante --- */
|
||||||
|
const SEVEN_DAYS_MS = 7 * 24 * 60 * 60 * 1000;
|
||||||
|
const SEVEN_DAYS_S = Math.floor(SEVEN_DAYS_MS / 1000);
|
||||||
|
|
||||||
app.use(session({
|
app.use(session({
|
||||||
store: new FileStore({
|
store: new FileStore({
|
||||||
path: './sessions', // dossier où stocker les fichiers
|
path: config.sessionStorePath || './sessions',
|
||||||
ttl: 24 * 60 * 60, // durée de vie en secondes (ici 1 jour)
|
ttl: SEVEN_DAYS_S, // côté store (secondes)
|
||||||
retries: 0
|
retries: 0
|
||||||
}),
|
}),
|
||||||
secret: config.sessionSecret,
|
secret: config.sessionSecret,
|
||||||
resave: false,
|
resave: false,
|
||||||
saveUninitialized: false,
|
saveUninitialized: false,
|
||||||
cookie: {
|
rolling: true, // renouvelle à chaque requête
|
||||||
maxAge: 24 * 60 * 60 * 1000 // 1 jour en ms
|
cookie: {
|
||||||
}
|
maxAge: SEVEN_DAYS_MS, // côté navigateur (ms)
|
||||||
|
sameSite: 'lax',
|
||||||
|
secure: !!config.cookieSecure, // true seulement si HTTPS
|
||||||
|
}
|
||||||
}));
|
}));
|
||||||
|
|
||||||
app.use(express.static('public'));
|
app.use(express.static('public'));
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user