add redis for sessions

Author: CodeShellDev

package-lock.json

@@ -19,12 +19,13 @@
 		"start": "node ./src/app.js"
 	},
 	"dependencies": {
-		"cookie-parser": "^1.4.7",
+		"connect-redis": "^9.0.0",
 		"ejs": "^3.1.10",
 		"express": "^4.21.1",
-		"express-session": "^1.18.1",
+		"express-session": "^1.18.2",
 		"passport": "^0.7.0",
 		"passport-oauth2": "^1.8.0",
+		"redis": "^5.10.0",
 		"uuid": "^13.0.0",
 		"ws": "^8.18.3"
 	}

package.json

@@ -1,5 +1,6 @@
 const express = require("express")
 const log = require("./utils/logger")
+const db = require("./db")
 const env = require("./env")
 const http = require("http")
 
@@ -15,6 +16,8 @@ if (log.logger.level != env.ENV.logLevel) {
 	log.Init(env.ENV.logLevel)
 }
 
+db.Init()
+
 app.use(express.static("public"))
 
 app.set("view engine", "ejs")

src/app.js

@@ -2,14 +2,22 @@ const express = require("express")
 const router = express.Router()
 
 const session = require("express-session")
-const cookieParser = require("cookie-parser")
 
 const passport = require("passport")
 const OAuth2Strategy = require("passport-oauth2")
 
 const { ENV } = require("./env")
 const { logger } = require("./utils/logger")
 
+const {
+	redisClient,
+	GetFromCache,
+	WriteToCache,
+	DeleteFromCache,
+} = require("db")
+const connectRedis = require("connect-redis")
+const RedisStore = connectRedis(session)
+
 const redirectURL = new URL(ENV.redirectURL)
 
 async function fetchUserInfo(accessToken) {
@@ -71,47 +79,37 @@ passport.use(
 passport.serializeUser((user, done) => done(null, user))
 passport.deserializeUser((user, done) => done(null, user))
 
-router.use(cookieParser(ENV.cookieKey))
-
 router.use(
 	session({
-		secret: ENV.sessionKey,
+		store: new RedisStore({ redisClient }),
+		secret: process.env.SESSION_SECRET,
 		resave: false,
 		saveUninitialized: false,
 		cookie: {
-			httpOnly: true,
 			secure: true,
-			sameSite: "lax",
-			maxAge: 1000 * 60 * 15,
+			maxAge: 1000 * 60 * 60,
 		},
 	})
 )
 
 router.use(passport.initialize())
 router.use(passport.session())
 
-router.get("/", (req, res) => {
-	if (req.query.serviceUrl) {
-		res.cookie("serviceUrl", req.query.serviceUrl, {
-			domain: redirectURL.hostname,
-			httpOnly: true,
-			secure: true,
-			sameSite: "lax",
-			maxAge: 300000,
-		})
-	}
+router.get("/", async (req, res) => {
+	const key = `service=${req.sessionID}`
 
-	logger.debug(
-		`Client requested ${req.hostname}, redirecting to ${redirectURL.hostname}`
-	)
+	const serviceUrl = await GetFromCache(key)
 
 	if (req.hostname !== redirectURL.hostname) {
 		const originalHost = req.headers["x-forwarded-host"] || req.get("host")
 		const originalProto = req.headers["x-forwarded-proto"] || req.protocol
 		const originalUri = req.headers["x-forwarded-uri"] || req.originalUrl
 
 		const originalUrl = `${originalProto}://${originalHost}${originalUri}`
-		return res.redirect(`${redirectURL.origin}?serviceUrl=${originalUrl}`)
+
+		await WriteToCache(key, originalUrl)
+
+		return res.redirect(`${redirectURL.origin}`)
 	}
 
 	if (!req.isAuthenticated()) {
@@ -124,7 +122,7 @@ router.get("/", (req, res) => {
 			locale: req.user.locale,
 			email: req.user.email,
 		},
-		redirect: redirectURL.toString(),
+		service: serviceUrl,
 	})
 })
 

src/auth.js

@@ -0,0 +1,52 @@
+const { ENV } = require("./env")
+const { logger } = require("./utils/logger")
+
+const redis = require("redis")
+
+let redisClient
+
+async function Init() {
+	redisClient = redis.createClient({
+		url: `redis://${ENV.redisHost}:${ENV.redisPort}`,
+	})
+
+	redisClient.on("error", (err) => logger.error("Redis error: ", err))
+
+	await redisClient.connect()
+
+	logger.debug("Connected to Redis")
+}
+
+async function GetFromCache(key, { hash = false } = {}) {
+	if (hash) {
+		return await redisClient.hGetAll(key)
+	} else {
+		return await redisClient.get(key)
+	}
+}
+
+async function WriteToCache(key, value, { hash = false } = {}) {
+	if (hash) {
+		await redisClient.hSet(key, value)
+	} else {
+		await redisClient.set(key, value)
+	}
+
+	await redisClient.expire(key, 3600)
+}
+
+async function DeleteFromCache(key, { hash = false } = {}) {
+	if (hash) {
+		await redisClient.hDel(key)
+	} else {
+		await redisClient.del(key)
+	}
+}
+
+module.exports = {
+	redisClient,
+	Init,
+	GetFromCache,
+	WriteToCache,
+	DeleteFromCache,
+}

src/db.js

@@ -8,14 +8,18 @@ const ENV = {
 	logLevel: "info",
 	exposeLogs: true,
 
+	redisHost: "redis",
+	redisPort: "6379",
+	redisUser: "wol",
+	redisPassword: "",
+
 	woldQueryPattern: "",
 	wolURL: "",
 
 	woldPort: "7777",
 	vePort: "9999",
 
 	sessionKey: "",
-	cookieKey: "",
 
 	authorizationURL: "",
 	resourceURL: "",
@@ -40,6 +44,11 @@ function Load() {
 	ENV.port = process.env.PORT || ENV.port
 	ENV.logLevel = process.env.LOG_LEVEL || ENV.logLevel
 
+	ENV.redisHost = process.env.REDIS_HOST || ENV.redisHost
+	ENV.redisPort = process.env.REDIS_PORT || ENV.redisPort
+	ENV.redisUser = process.env.REDIS_USER || ENV.redisUser
+	ENV.redisPassword = process.env.REDIS_PASSWORD || ENV.redisPassword
+
 	ENV.woldQueryPattern = process.env.WOLD_QUERY_PATTERN || ""
 
 	ENV.exposeLogs = process.env.EXPOSE_LOGS || ENV.exposeLogs
@@ -54,14 +63,10 @@ function Load() {
 	}
 
 	ENV.sessionKey = process.env.SESSION_KEY || ""
-	ENV.cookieKey = process.env.COOKIE_KEY || ""
 
 	if (!ENV.sessionKey) {
 		logger.fatal("No session key provided")
 	}
-	if (!ENV.cookieKey) {
-		logger.fatal("No cookie key provided")
-	}
 
 	ENV.authorizationURL = process.env.AUTHORIZATION_URL || ""
 	ENV.resourceURL = process.env.RESOURCE_URL || ""