sascha
/
Notes
mirror of https://github.com/TriliumNext/Notes
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(server): keep session cookies up to to 24h (closes #2196)

pull/2197/head^2
Elian Doran 2025-06-07 11:28:30 +07:00
parent dc35ad9ace
commit 68163f90d1
No known key found for this signature in database
2 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apps/server/src/routes/login.spec.ts
Unescape Escape View File

@ -159,6 +159,16 @@ describe("Login Route test", () => {
expect(expiry!.getTime()).toBeGreaterThan(originalExpiry!.getTime());
});
it("keeps session up to 24 hours", async () => {
// Simulate user waiting 23 hours.
vi.setSystemTime(dayjs().add(23, "hours").toDate());
vi.advanceTimersByTime(CLEAN_UP_INTERVAL);
// Check the session is still valid.
const { session } = await getSessionFromCookie(setCookieHeader);
expect(session).toBeTruthy();
});
it("cleans up expired sessions", async () => {
let { session, expiry } = await getSessionFromCookie(setCookieHeader);
expect(session).toBeTruthy();

11
apps/server/src/routes/session_parser.ts
Unescape Escape View File

@ -10,6 +10,13 @@ import type express from "express";
*/
export const CLEAN_UP_INTERVAL = 60 * 60 * 1000; // 1 hour
/**
* The amount of time in milliseconds after which a session cookie expires if "Remember me" is not checked.
*
* Note that the session is renewed on each request, so the session will last up to this time from the last request.
*/
export const SESSION_COOKIE_EXPIRY = 24 * 60 * 60 * 1000; // 24 hours
export class SQLiteSessionStore extends Store {
get(sid: string, callback: (err: any, session?: session.SessionData | null) => void): void {
@ -30,7 +37,7 @@ export class SQLiteSessionStore extends Store {
try {
const expires = session.cookie?.expires
? new Date(session.cookie.expires).getTime()
: Date.now() + 3600000; // fallback to 1 hour
: Date.now() + SESSION_COOKIE_EXPIRY;
const data = JSON.stringify(session);
sql.upsert("sessions", "id", {
@ -63,7 +70,7 @@ export class SQLiteSessionStore extends Store {
}
try {
const expires = Date.now() + 3600000; // fallback to 1 hour
const expires = Date.now() + SESSION_COOKIE_EXPIRY;
sql.execute(/*sql*/`UPDATE sessions SET expires = ? WHERE id = ?`, [expires, sid]);
callback?.();
} catch (e) {