GDPR9 (#1419)

* Set secure cookies if applicable... probably going to boot everyone off to reset these. Retested local pro... PASS * Output the cookie contents... now we need most of it and easier just to pipe it all out Post #1416 ... related to #604 Auto-merge
OpenUserJS · Jun 12, 2018 · e9b369a · e9b369a
1 parent 05c8739
commit e9b369a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/app.js b/app.js
@@ -318,7 +318,8 @@ app.use(session({
   saveUninitialized: false,
   unset: 'destroy',
   cookie: {
-    maxAge: 5 * 60 * 1000 // minutes in ms NOTE: Expanded after successful auth
+    maxAge: 5 * 60 * 1000, // minutes in ms NOTE: Expanded after successful auth
+    secure: (isPro && secured ? true : false)
   },
   rolling: true,
   secret: sessionSecret,

diff --git a/controllers/admin.js b/controllers/admin.js
@@ -397,9 +397,8 @@ exports.adminSessionActiveView = function (aReq, aRes, aNext) {
         if (data && data.user) {
           options.session.push({
             _id: aElement._id,
-            originalMaxAge: data.cookie.originalMaxAge,
-            expires: data.cookie.expires,
-            name: data.user.name
+            name: data.user.name,
+            cookie: data.cookie
           });
 
           options.namedCount++;