github/directus
1
1
Fork 0
mirror of https://github.com/directus/directus.git synced 2026-04-25 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add SESSION_STORE options (#5403)

Browse Source 
* Allow configuring the session storage driver

Fixes #3814

* Document SESSION_STORE env var

* Add missing dependency

* Docs tweak
This commit is contained in:
Rijk van Zanten
2021-04-30 18:18:39 -04:00
committed by GitHub
parent 81f4c25c9b
commit a3898fa321
7 changed files with 119 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/src/app.ts
View File

@@ -44,6 +44,7 @@ import schema from './middleware/schema';
import { track } from './utils/track';
import { validateEnv } from './utils/validate-env';
import { register as registerWebhooks } from './webhooks';
import { session } from './middleware/session';
export default async function createApp(): Promise<express.Application> {
validateEnv(['KEY', 'SECRET']);
@@ -127,6 +128,9 @@ export default async function createApp(): Promise<express.Application> {
app.use(rateLimiter);
}
// We only rely on cookie-sessions in the oAuth flow where it's required
app.use(session);
app.use(authenticate);
app.use(checkIP);

3
api/src/controllers/auth.ts
View File

@@ -1,5 +1,4 @@
import { Router } from 'express';
import session from 'express-session';
import grant from 'grant';
import Joi from 'joi';
import ms from 'ms';
@@ -219,8 +218,6 @@ router.get(
respond
);
router.use('/oauth', session({ secret: env.SECRET as string, saveUninitialized: false, resave: false }));
router.get(
'/oauth/:provider',
asyncHandler(async (req, res, next) => {

2
api/src/env.ts
View File

@@ -29,6 +29,8 @@ const defaults: Record<string, any> = {
RATE_LIMITER_DURATION: 1,
RATE_LIMITER_STORE: 'memory',
SESSION_STORE: 'memory',
ACCESS_TOKEN_TTL: '15m',
REFRESH_TOKEN_TTL: '7d',
REFRESH_TOKEN_COOKIE_SECURE: false,

20
api/src/middleware/session.ts Normal file
View File

@@ -0,0 +1,20 @@
import expressSession, { Store } from 'express-session';
import env from '../env';
import { getConfigFromEnv } from '../utils/get-config-from-env';
let store: Store | undefined = undefined;
if (env.SESSION_STORE === 'redis') {
const Redis = require('ioredis');
const RedisStore = require('connect-redis')(expressSession);
const redisClient = new Redis(env.SESSION_REDIS || getConfigFromEnv('SESSION_REDIS_'));
store = new RedisStore({ client: redisClient });
}
if (env.SESSION_STORE === 'memcache') {
const MemcachedStore = require('connect-memcached')(expressSession);
store = new MemcachedStore(getConfigFromEnv('SESSION_MEMCACHE_'));
}
export const session = expressSession({ store, secret: env.SECRET as string, saveUninitialized: false, resave: false });