feat: rename session cookie to formsg.connect.sid in local dev

__tests__/integration/helpers/express-auth.ts

@@ -50,7 +50,7 @@ export const createAuthedSession = async (
   // Assert
   // Should have session cookie returned.
   const sessionCookie = request.cookies.find(
-    (cookie) => cookie.name === 'connect.sid',
+    (cookie) => cookie.name === 'formsg.connect.sid',
   )
   expect(sessionCookie).toBeDefined()
 
@@ -68,7 +68,7 @@ export const logoutSession = async (request: Session): Promise<Session> => {
   expect(response.status).toEqual(200)
 
   const sessionCookie = request.cookies.find(
-    (cookie) => cookie.name === 'connect.sid',
+    (cookie) => cookie.name === 'formsg.connect.sid',
   )
   expect(sessionCookie).not.toBeDefined()
 

__tests__/integration/helpers/express-setup.ts

@@ -17,7 +17,7 @@ const testSessionMiddlewares = () => {
     saveUninitialized: false,
     resave: false,
     secret: 'test-session-secret',
-    name: 'connect.sid',
+    name: 'formsg.connect.sid',
     store: new session.MemoryStore(),
   })
 

src/app/loaders/express/session.ts

@@ -6,14 +6,19 @@ import { Connection } from 'mongoose'
 
 import config from '../../config/config'
 
+export const ADMIN_LOGIN_SESSION_COOKIE_NAME = config.isDev
+  ? 'formsg.connect.sid'
+  : 'connect.sid'
+
 const sessionMiddlewares = (connection: Connection): RequestHandler[] => {
   // Configure express-session and connect to mongo
   const expressSession = session({
     saveUninitialized: false,
     resave: false,
     secret: config.sessionSecret,
     cookie: config.cookieSettings,
-    name: 'connect.sid',
+    // TODO: FRM-1512: Standardise cookie name across environments
+    name: ADMIN_LOGIN_SESSION_COOKIE_NAME,
     store: MongoStore.create({
       client: connection.getClient(),
     }),

src/app/modules/auth/auth.controller.ts

@@ -4,6 +4,7 @@ import { SendOtpResponseDto } from 'shared/types/user'
 
 import { SUPPORT_FORM_LINK } from '../../../../shared/constants/links'
 import { createLoggerWithLabel } from '../../config/logger'
+import { ADMIN_LOGIN_SESSION_COOKIE_NAME } from '../../loaders/express/session'
 import MailService from '../../services/mail/mail.service'
 import { createReqMeta, getRequestIp } from '../../utils/request'
 import { ControllerHandler } from '../core/core.types'
@@ -256,7 +257,7 @@ export const handleSignout: ControllerHandler = async (req, res) => {
     }
 
     // No error.
-    res.clearCookie('connect.sid')
+    res.clearCookie(ADMIN_LOGIN_SESSION_COOKIE_NAME)
     return res.status(StatusCodes.OK).json({ message: 'Sign out successful' })
   })
 }

src/app/routes/api/v3/auth/__tests__/auth.routes.spec.ts

@@ -511,7 +511,7 @@ describe('auth.routes', () => {
       })
       // Should have session cookie returned.
       const sessionCookie = request.cookies.find(
-        (cookie) => cookie.name === 'connect.sid',
+        (cookie) => cookie.name === 'formsg.connect.sid',
       )
       expect(sessionCookie).toBeDefined()
     })
@@ -538,7 +538,7 @@ describe('auth.routes', () => {
       })
       // Should have session cookie returned.
       const sessionCookie = request.cookies.find(
-        (cookie) => cookie.name === 'connect.sid',
+        (cookie) => cookie.name === 'formsg.connect.sid',
       )
       expect(sessionCookie).toBeDefined()
     })
@@ -591,9 +591,9 @@ describe('auth.routes', () => {
       // Assert
       expect(response.status).toEqual(200)
       expect(response.body).toEqual({ message: 'Sign out successful' })
-      // connect.sid should now be empty.
+      // formsg.connect.sid should now be empty.
       expect(response.header['set-cookie'][0]).toEqual(
-        expect.stringContaining('connect.sid=;'),
+        expect.stringContaining('formsg.connect.sid=;'),
       )
     })
 
@@ -629,7 +629,7 @@ describe('auth.routes', () => {
     // Assert
     // Should have session cookie returned.
     const sessionCookie = request.cookies.find(
-      (cookie) => cookie.name === 'connect.sid',
+      (cookie) => cookie.name === 'formsg.connect.sid',
     )
     expect(sessionCookie).toBeDefined()
     return response.body