From c20df65ebcee7d6ea4a5e04f6a0557d22d453ad0 Mon Sep 17 00:00:00 2001 From: Chi Vinh Le Date: Mon, 5 Jun 2017 18:21:40 +0700 Subject: [PATCH 1/3] Use same lifespan for cookies as for tokens --- package.json | 1 + services/passport.js | 3 ++- yarn.lock | 4 ++++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index fe87f17f5..37c85ed64 100644 --- a/package.json +++ b/package.json @@ -92,6 +92,7 @@ "minimist": "^1.2.0", "mongoose": "^4.9.8", "morgan": "^1.8.1", + "ms": "^2.0.0", "natural": "^0.5.0", "node-emoji": "^1.5.1", "node-fetch": "^1.6.3", diff --git a/services/passport.js b/services/passport.js index 4f5a8fb8d..8d264f67b 100644 --- a/services/passport.js +++ b/services/passport.js @@ -10,6 +10,7 @@ const uuid = require('uuid'); const debug = require('debug')('talk:passport'); const {createClient} = require('./redis'); const bowser = require('bowser'); +const ms = require('ms'); // Create a redis client to use for authentication. const client = createClient(); @@ -39,7 +40,7 @@ const SetTokenForSafari = (req, res, token) => { if (browser.ios || browser.safari) { res.cookie('authorization', token, { httpOnly: true, - expires: new Date(Date.now() + 900000) + expires: new Date(Date.now() + ms(JWT_EXPIRY)) }); } }; diff --git a/yarn.lock b/yarn.lock index 9855d91e8..92966d3b2 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5365,6 +5365,10 @@ ms@0.7.3, ms@^0.7.1: version "0.7.3" resolved "https://registry.yarnpkg.com/ms/-/ms-0.7.3.tgz#708155a5e44e33f5fd0fc53e81d0d40a91be1fff" +ms@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" + muri@1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/muri/-/muri-1.2.1.tgz#ec7ea5ce6ca6a523eb1ab35bacda5fa816c9aa3c" From a595e94394d305b0e44594d7c3c766ac0d855c1c Mon Sep 17 00:00:00 2001 From: Wyatt Johnson Date: Mon, 5 Jun 2017 16:31:06 -0600 Subject: [PATCH 2/3] Removed parse-duration in favour of ms --- bin/cli-assets | 2 +- package.json | 1 - yarn.lock | 4 ---- 3 files changed, 1 insertion(+), 6 deletions(-) diff --git a/bin/cli-assets b/bin/cli-assets index 166152baf..97b5b043c 100755 --- a/bin/cli-assets +++ b/bin/cli-assets @@ -5,7 +5,7 @@ */ const program = require('./commander'); -const parseDuration = require('parse-duration'); +const parseDuration = require('ms'); const Table = require('cli-table'); const AssetModel = require('../models/asset'); const mongoose = require('../services/mongoose'); diff --git a/package.json b/package.json index 37c85ed64..14893de54 100644 --- a/package.json +++ b/package.json @@ -97,7 +97,6 @@ "node-emoji": "^1.5.1", "node-fetch": "^1.6.3", "nodemailer": "^2.6.4", - "parse-duration": "^0.1.1", "passport": "^0.3.2", "passport-jwt": "^2.2.1", "passport-local": "^1.0.0", diff --git a/yarn.lock b/yarn.lock index 92966d3b2..9e3b3084d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5865,10 +5865,6 @@ parse-asn1@^5.0.0: evp_bytestokey "^1.0.0" pbkdf2 "^3.0.3" -parse-duration@^0.1.1: - version "0.1.1" - resolved "https://registry.yarnpkg.com/parse-duration/-/parse-duration-0.1.1.tgz#13114ddc9891c1ecd280036244554de43647a226" - parse-glob@^3.0.4: version "3.0.4" resolved "https://registry.yarnpkg.com/parse-glob/-/parse-glob-3.0.4.tgz#b2c376cfb11f35513badd173ef0bb6e3a388391c" From 124ea19b525715ac6c626417e1646c11325ac6a3 Mon Sep 17 00:00:00 2001 From: Kim Gardner Date: Tue, 6 Jun 2017 12:03:12 -0400 Subject: [PATCH 3/3] Update en.yml --- locales/en.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/locales/en.yml b/locales/en.yml index 03fad3bc5..90182abb7 100644 --- a/locales/en.yml +++ b/locales/en.yml @@ -202,7 +202,7 @@ en: flag_reason: "Reason for reporting (Optional)" flag_username: "Report username" framework: - banned_account_msg: "Your account is currently suspended. This means that you cannot Like Report or write comments. Please contact us if you have any questions." + banned_account_msg: "Your account is currently banned. This means that you cannot Like, Report, or write comments. Please contact us if you have any questions." because_you_ignored: "Because you ignored the following commenters, their comments are hidden." comment: comment comment_is_ignored: "This comment is hidden because you ignored this user." @@ -322,7 +322,7 @@ en: bio: bio cancel: "Cancel" days: "{0} days" - description_0: "Would you like to temporarily ban this user because of their {0}? Doing so will temporarily hide their comments until they rewrite their {0}." + description_0: "Would you like to temporarily suspend this user because of their {0}? Doing so will temporarily hide their comments until they rewrite their {0}." description_1: "Suspending this user will temporarily disable their account and hide all of their comments on the site." description_notify: "Suspending this user will temporarily disable their account and hide all of their comments on the site." description_reject: "Would you like to temporarily ban this user because of their {0}? Doing so will temporarily hide their comments until they rewrite their {0}."