SessionStore: Don't write DB record if already expired

pull/5348/head
Richard Hansen 2022-01-17 17:27:23 -05:00
parent 4d498725c7
commit b991948e21
2 changed files with 16 additions and 4 deletions

View File

@ -8,17 +8,22 @@ const util = require('util');
const logger = log4js.getLogger('SessionStore');
class SessionStore extends Store {
async _checkExpiration(sid, sess) {
const {cookie: {expires} = {}} = sess || {};
if (expires && new Date() >= new Date(expires)) return await this._destroy(sid);
return sess;
}
async _get(sid) {
logger.debug(`GET ${sid}`);
const s = await DB.get(`sessionstorage:${sid}`);
const {cookie: {expires} = {}} = s || {};
if (expires && new Date() >= new Date(expires)) return await this._destroy(sid);
return s;
return await this._checkExpiration(sid, s);
}
async _set(sid, sess) {
logger.debug(`SET ${sid}`);
await DB.set(`sessionstorage:${sid}`, sess);
sess = await this._checkExpiration(sid, sess);
if (sess != null) await DB.set(`sessionstorage:${sid}`, sess);
}
async _destroy(sid) {

View File

@ -46,6 +46,13 @@ describe(__filename, function () {
await set(sess);
assert.equal(JSON.stringify(await db.get(`sessionstorage:${sid}`)), JSON.stringify(sess));
});
it('set of already expired session', async function () {
const sess = {foo: 'bar', cookie: {expires: new Date(1)}};
await set(sess);
// No record should have been created.
assert(await db.get(`sessionstorage:${sid}`) == null);
});
});
describe('get', function () {