Merge pull request #149 from OpenBankProject/fix_session_pw_var

add def value to session pw
Simon Redfern 2026-01-30 23:34:45 +01:00 committed by GitHub
commit bf87c919c1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -118,10 +118,20 @@ console.info(
`Session maxAge configured: ${sessionMaxAgeSeconds} seconds (${sessionMaxAgeSeconds / 60} minutes)`
)
app.use(express.json())
// Session secret - MUST be set in production
const sessionSecret =
process.env.VITE_OBP_SERVER_SESSION_PASSWORD || 'dev-secret-change-in-production'
if (!process.env.VITE_OBP_SERVER_SESSION_PASSWORD) {
console.warn(
'WARNING: VITE_OBP_SERVER_SESSION_PASSWORD is not set. Using default secret for development only.'
)
console.warn('WARNING: Set VITE_OBP_SERVER_SESSION_PASSWORD in your .env file for production!')
}
let sessionObject = {
store: redisStore,
name: 'obp-api-explorer-ii.sid', // CRITICAL: Unique cookie name to prevent conflicts with other apps on localhost
secret: process.env.VITE_OBP_SERVER_SESSION_PASSWORD,
secret: sessionSecret,
resave: false,
saveUninitialized: false, // Don't save empty sessions (better for authenticated apps)
cookie: {
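Review bot: The `|| 'dev-secret-change-in-production'` fallback on the `sessionSecret` assignment lets a deployment that lacks VITE_OBP_SERVER_SESSION_PASSWORD start anyway and sign session cookies with a string published in the repository. The two `console.warn` calls do not prevent this, even though the comment says the variable MUST be set in production. With a publicly known secret the cookie signature no longer protects session IDs, so the check should fail closed outside development, for example `if (!process.env.VITE_OBP_SERVER_SESSION_PASSWORD && process.env.NODE_ENV === 'production') throw new Error('VITE_OBP_SERVER_SESSION_PASSWORD must be set in production')`, assuming the project sets NODE_ENV. Separately, Vite treats the `VITE_` prefix as marking variables that may be exposed to client code, so confirm this value never reaches the browser bundle or rename it without the prefix. The `sessionObject` literal continues past the end of the hunk, so the cookie flags could not be reviewed here.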