fix: cookie setting updates

mikalaum · Feb 10, 2021 · f46dd407dd979233e69f99e82a108b1f1c84f2c8 · f46dd40
1 parent caacc0c
commit f46dd407dd979233e69f99e82a108b1f1c84f2c8
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/routes/register.js b/routes/register.js
@@ -17,8 +17,7 @@ const router = express.Router();
 const { Fido2Lib } = fido2lib;
 const fido = new Fido2Lib({
   timeout: 60000,
-  rpName: "WebAuthnUX",
-  rpIcon: "https://whatpwacando.today/src/img/icons/icon-512x512.png",
+  rpName: "FIDO2.APP",
   challengeSize: 128,
   attestation: "none",
   cryptoParams: [-7, -257],
@@ -80,8 +79,8 @@ router.post("/register", async (req, res) => {
     const regResult = await fido.attestationResult(credential, attestationExpectations);
     req.session.publicKey = regResult.authnrData.get("credentialPublicKeyPem");
     req.session.prevCounter = regResult.authnrData.get("counter");
+
     const hash = bcrypt.hashSync(password, 10);
-
     const user = await User.create({
       id: req.session.userHandle,
       credentialId: base64RawId,

diff --git a/server.js b/server.js
@@ -51,11 +51,13 @@ app.use(compression());
 
 const MongoStore = connectMongo(session);
 app.use(
-  session({ 
+  session({
+    name: "FIDO2 APP",
     secret: process.env.SESSION_SECRET,
     resave: false,
     store: new MongoStore({ mongooseConnection: dbConnection.connection }),
-    saveUninitialized: true,
+    saveUninitialized: false,
+    cookie: { secure: true },
   })
 );
 
@@ -75,7 +77,7 @@ app.use(errorHandler());
 
 app.use("/api/v1", registerRoutes);
 app.use("/api/v1/verification", verificationRoutes);
-app.use("/api/v1/timing", timingRoutes)
+app.use("/api/v1/timing", timingRoutes);
 app.listen(process.env.PORT || config.port, () => {
   console.log(chalk.yellow("......................................."));
   console.log(chalk.green(config.name));