diff --git a/config/env/all.js b/config/env/all.js index b4e1749e..66fc2082 100644 --- a/config/env/all.js +++ b/config/env/all.js @@ -8,8 +8,29 @@ module.exports = { }, port: process.env.PORT || 3000, templateEngine: 'swig', + // The secret should be set to a non-guessable string that + // is used to compute a session hash sessionSecret: 'MEAN', + // The name of the MongoDB collection to store sessions in sessionCollection: 'sessions', + // The session cookie settings + sessionCookie: { + path: '/', + httpOnly: true, + // If secure is set to true then it will cause the cookie to be set + // only when SSL-enabled (HTTPS) is used, and otherwise it won't + // set a cookie. 'true' is recommended yet it requires the above + // mentioned pre-requisite. + secure: false, + // Only set the maxAge to null if the cookie shouldn't be expired + // at all. The cookie will expunge when the browser is closed. + maxAge: null, + // To set the cookie in a specific domain uncomment the following + // setting: + // domain: 'yourdomain.com' + }, + // The session cookie name + sessionName: 'connect.sid', log: { // Can specify one of 'combined', 'common', 'dev', 'short', 'tiny' format: 'combined', @@ -48,4 +69,4 @@ module.exports = { 'public/modules/*/tests/*.js' ] } -}; +}; \ No newline at end of file diff --git a/config/express.js b/config/express.js index f19ba586..9b133a68 100755 --- a/config/express.js +++ b/config/express.js @@ -94,7 +94,9 @@ module.exports = function(db) { store: new mongoStore({ db: db.connection.db, collection: config.sessionCollection - }) + }), + cookie: config.sessionCookie, + name: config.sessionName })); // use passport session