Merge pull request #260 from lirantal/lirantal-enhancements-express-cookie-parameters

Enhancements express cookie parameters
This commit is contained in:
Liran Tal
2014-11-15 11:08:06 +02:00
2 changed files with 25 additions and 2 deletions

23
config/env/all.js vendored
View File

@@ -8,8 +8,29 @@ module.exports = {
},
port: process.env.PORT || 3000,
templateEngine: 'swig',
// The secret should be set to a non-guessable string that
// is used to compute a session hash
sessionSecret: 'MEAN',
// The name of the MongoDB collection to store sessions in
sessionCollection: 'sessions',
// The session cookie settings
sessionCookie: {
path: '/',
httpOnly: true,
// If secure is set to true then it will cause the cookie to be set
// only when SSL-enabled (HTTPS) is used, and otherwise it won't
// set a cookie. 'true' is recommended yet it requires the above
// mentioned pre-requisite.
secure: false,
// Only set the maxAge to null if the cookie shouldn't be expired
// at all. The cookie will expunge when the browser is closed.
maxAge: null,
// To set the cookie in a specific domain uncomment the following
// setting:
// domain: 'yourdomain.com'
},
// The session cookie name
sessionName: 'connect.sid',
log: {
// Can specify one of 'combined', 'common', 'dev', 'short', 'tiny'
format: 'combined',
@@ -48,4 +69,4 @@ module.exports = {
'public/modules/*/tests/*.js'
]
}
};
};

View File

@@ -94,7 +94,9 @@ module.exports = function(db) {
store: new mongoStore({
db: db.connection.db,
collection: config.sessionCollection
})
}),
cookie: config.sessionCookie,
name: config.sessionName
}));
// use passport session