This repository has been archived by the owner on Dec 21, 2023. It is now read-only.

feat(bridge): Make session cookie timeout configurable and set default value to 60 minutes #5455

Merged
8 changes: 4 additions & 4 deletions bridge/package-lock.json


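--- a/bridge/server/user/session.ts
+++ b/bridge/server/user/session.ts
@@ -13,7 +13,7 @@ declare module 'express-session' {
 const memoryStore = mS(expressSession);
 const router = Router();
 const CHECK_PERIOD = 600_000; // check every 10 minutes
-const SESSION_TIME = 1_200_000; // max age is 20 minutes
+const SESSION_TIME = getOrDefaultSessionTimeout(60); // session timeout, default to 60 minutes
 const COOKIE_LENGTH = 10;
 const COOKIE_NAME = 'KTSESSION';
 const DEFAULT_TRUST_PROXY = 1;
@@ -104,7 +104,7 @@ function removeSession(req: Request): void {
 }
 
 function sessionRouter(app: Express): Router {
-console.log('Enabling sessions for bridge.');
+console.log(`Enabling sessions for bridge with session timeout ${SESSION_TIME}ms.`);
 
 if (process.env.SECURE_COOKIE === 'true') {
 console.log('Setting secure cookies. Make sure SSL is enabled for deployment & correct trust proxy value is used.');
@@ -127,6 +127,23 @@ function sessionRouter(app: Express): Router {
 return router;
 }
 
+/**
+* Function to determine session timeout. Input value is in minutes and return value is in millisecond. Value can be
+* configurable through environment variable SESSION_TIMEOUT_MIN. If the configuration is invalid, fallback to
+* provided default value.
+*/
+function getOrDefaultSessionTimeout(defMinutes: number): number {
+if (process.env.SESSION_TIMEOUT_MIN) {
+const sTimeout = parseInt(process.env.SESSION_TIMEOUT_MIN, 10);
+
+if (!isNaN(sTimeout) && sTimeout > 0) {
+return sTimeout * 60 * 1000;
+}
+}
+
+return defMinutes * 60 * 1000;
+}
+
 export { sessionRouter };
 export { isAuthenticated };
 export { authenticateSession };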
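Review bot: `getOrDefaultSessionTimeout` accepts more than its doc comment promises: `parseInt` stops at the first non-digit, so `SESSION_TIMEOUT_MIN` values such as `60m` or `1.5` are taken as 60 and 1 instead of falling back, and there is no upper bound, so a typo with extra digits yields a session lifetime of weeks or longer. Because this value controls how long an authenticated session stays valid, I would match the whole string and cap it, e.g. `if (/^\d+$/.test(raw) && sTimeout > 0 && sTimeout <= MAX_SESSION_TIMEOUT_MIN)`, where `raw` is the trimmed environment value and `MAX_SESSION_TIMEOUT_MIN` is a new constant the team would have to choose. A `console.warn` when the configured value is rejected would make the otherwise silent fallback to the default visible in the logs. The default also moves from 20 to 60 minutes; whether that is an idle or an absolute lifetime depends on session options outside these hunks, so it is worth confirming the longer window is intended.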
Expand Up @@ -230,6 +230,9 @@ spec:
value: "{{ .Values.bridge.oauth.discovery }}"
- name: SECURE_COOKIE
value: "{{ .Values.bridge.oauth.secureCookie }}"
# Session cookie timeout in minutes
- name: SESSION_TIMEOUT_MIN
value: "{{ .Values.bridge.oauth.sessionTimeoutMin}}"
# Correlates to trust proxy number of hops as defined at http://expressjs.com/en/guide/behind-proxies.html
- name: TRUST_PROXY
value: "{{ .Values.bridge.oauth.trustProxy }}"
Expand Up @@ -59,6 +59,7 @@ bridge:
discovery: ""
secureCookie: false
trustProxy: ""
sessionTimeoutMin: ""

distributor:
metadata:
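Review bot: The new `sessionTimeoutMin: ""` key is added without a comment, so neither the unit nor the effect of leaving it empty is visible to whoever edits the values file. I would put `# Session timeout in minutes; empty uses the bridge default (60)` above it, which matches the fallback in `getOrDefaultSessionTimeout(60)` in session.ts. It is also worth stating there that a non-numeric or non-positive value is replaced by that default rather than rejected, since the chart passes the string through unchanged.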