From e73c113e0d8250dee304478dcf6544ab1929722c Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 08:30:29 -0400
Subject: [PATCH 01/11] use mailgun since postmark has been deprecated
---
 app.json | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/app.json b/app.json
index 5faa23bc2..a2e75404b 100644
--- a/app.json
+++ b/app.json
@@ -14,8 +14,7 @@
 "required": true
 },
 "NODE_ENV": "production",
- "TALK_SMTP_PORT": "2525",
- "REWRITE_ENV": "TALK_PORT:PORT,TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:POSTMARK_SMTP_SERVER,TALK_SMTP_USERNAME:POSTMARK_API_TOKEN,TALK_SMTP_PASSWORD:POSTMARK_API_TOKEN",
+ "REWRITE_ENV": "TALK_PORT:PORT,TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:MAILGUN_SMTP_SERVER,TALK_SMTP_PORT:MAILGUN_SMTP_PORT,TALK_SMTP_USERNAME:MAILGUN_SMTP_LOGIN,TALK_SMTP_PASSWORD:MAILGUN_SMTP_PASSWORD",
 "NPM_CONFIG_PRODUCTION": "false"
 },
 "addons": [{
@@ -25,8 +24,8 @@
 "plan": "rediscloud:30",
 "as": "REDIS"
 }, {
- "plan": "postmark:10k",
- "as": "POSTMARK"
+ "plan": "mailgun:starter",
+ "as": "MAILGUN"
 }],
 "image": "heroku/nodejs",
 "success_url": "/admin/install"
From faecd80543171e533807cd6247c8a9cf86e96585 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 08:51:36 -0400
Subject: [PATCH 02/11] better handling for heroku dynamic port
---
 config.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config.js b/config.js
index 4472af26e..f86f41f30 100644
--- a/config.js
+++ b/config.js
@@ -80,7 +80,7 @@ const CONFIG = {
 //------------------------------------------------------------------------------
 // Port to bind to.
- PORT: process.env.TALK_PORT || '3000',
+ PORT: process.env.TALK_PORT || || process.env.PORT || '3000',
 // The URL for this Talk Instance as viewable from the outside.
 ROOT_URL: process.env.TALK_ROOT_URL || null,
From 4b7cc9ffcce37d8dbaee01df996047b05ee9e939 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 08:55:26 -0400
Subject: [PATCH 03/11] whoops
---
 app.json | 2 +-
 config.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/app.json b/app.json
index a2e75404b..2316d1d1a 100644
--- a/app.json
+++ b/app.json
@@ -14,7 +14,7 @@
 "required": true
 },
 "NODE_ENV": "production",
- "REWRITE_ENV": "TALK_PORT:PORT,TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:MAILGUN_SMTP_SERVER,TALK_SMTP_PORT:MAILGUN_SMTP_PORT,TALK_SMTP_USERNAME:MAILGUN_SMTP_LOGIN,TALK_SMTP_PASSWORD:MAILGUN_SMTP_PASSWORD",
+ "REWRITE_ENV": "TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:MAILGUN_SMTP_SERVER,TALK_SMTP_PORT:MAILGUN_SMTP_PORT,TALK_SMTP_USERNAME:MAILGUN_SMTP_LOGIN,TALK_SMTP_PASSWORD:MAILGUN_SMTP_PASSWORD",
 "NPM_CONFIG_PRODUCTION": "false"
 },
 "addons": [{
diff --git a/config.js b/config.js
index f86f41f30..faa911c83 100644
--- a/config.js
+++ b/config.js
@@ -80,7 +80,7 @@ const CONFIG = {
 //------------------------------------------------------------------------------
 // Port to bind to.
- PORT: process.env.TALK_PORT || || process.env.PORT || '3000',
+ PORT: process.env.TALK_PORT || process.env.PORT || '3000',
 // The URL for this Talk Instance as viewable from the outside.
 ROOT_URL: process.env.TALK_ROOT_URL || null,
From 2f3d7c5329802af6d4d2c53eea2711eaf7645ed7 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 09:17:51 -0400
Subject: [PATCH 04/11] set default root url
---
 app.json | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/app.json b/app.json
index 2316d1d1a..3c17023c4 100644
--- a/app.json
+++ b/app.json
@@ -13,6 +13,10 @@
 "value": "",
 "required": true
 },
+ "TALK_ROOT_URL": {
+ "value": "http://0.0.0.0",
+ "required": true
+ },
 "NODE_ENV": "production",
 "REWRITE_ENV": "TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:MAILGUN_SMTP_SERVER,TALK_SMTP_PORT:MAILGUN_SMTP_PORT,TALK_SMTP_USERNAME:MAILGUN_SMTP_LOGIN,TALK_SMTP_PASSWORD:MAILGUN_SMTP_PASSWORD",
 "NPM_CONFIG_PRODUCTION": "false"
From 28dafd3e07f73ed4029b6d20bca91d428cd2c9d8 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 09:27:52 -0400
Subject: [PATCH 05/11] update
---
 app.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app.json b/app.json
index 3c17023c4..aefe25861 100644
--- a/app.json
+++ b/app.json
@@ -1,7 +1,7 @@
 {
 "name": "The Coral Project: Talk",
 "env": {
- "TALK_SESSION_SECRET": {
+ "TALK_JWT_SECRET": {
 "description": "The session secret",
 "generator": "secret"
 },
From 50caddee56d7d9c47368582c1a502add7aad9c27 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 09:47:40 -0400
Subject: [PATCH 06/11] update
---
 app.json | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/app.json b/app.json
index aefe25861..b0db1dcde 100644
--- a/app.json
+++ b/app.json
@@ -5,6 +5,11 @@
 "description": "The session secret",
 "generator": "secret"
 },
+ "TALK_ROOT_URL": {
+ "description": "Please copy the App Name you choose above. If you did not choose one, please do so now and copy it here. Talk on Heroku will not work without this setting.",
+ "value":"https://.herokuapp.com",
+ "required": true
+ },
 "TALK_FACEBOOK_APP_ID": {
 "value": "",
 "required": true
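Review bot: The renamed `TALK_JWT_SECRET` entry (PATCH 05, app.json `@@ -1,7 +1,7 @@`) keeps the unchanged description "The session secret", which no longer matches a key that, going by its new name, is used for signing JWTs rather than sessions. An operator filling in the deploy form gets no hint of what the generated value protects. Suggested wording: `"description": "Secret used to sign JWT tokens; keep the generated value private",`.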
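Review bot: The prefilled `"value":"https://.herokuapp.com"` on the new `TALK_ROOT_URL` entry (PATCH 06, app.json `@@ -5,6 +5,11 @@`) is not a usable host as it appears here, and because it is non-empty the `"required": true` check passes even when the operator never edits it. The description itself says Talk will not work without this setting, so a deploy with the default left in place fails only later. Leaving the field empty makes the form force an answer, `"value": "",`, with the expected `https://APP_NAME.herokuapp.com` shape spelled out in the description instead. If a placeholder token was lost when this patch was rendered, the same concern applies to deploying with that placeholder unedited.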
@@ -13,10 +18,6 @@
 "value": "",
 "required": true
 },
- "TALK_ROOT_URL": {
- "value": "http://0.0.0.0",
- "required": true
- },
 "NODE_ENV": "production",
 "REWRITE_ENV": "TALK_MONGO_URL:MONGO_URI,TALK_REDIS_URL:REDIS_URL,TALK_SMTP_HOST:MAILGUN_SMTP_SERVER,TALK_SMTP_PORT:MAILGUN_SMTP_PORT,TALK_SMTP_USERNAME:MAILGUN_SMTP_LOGIN,TALK_SMTP_PASSWORD:MAILGUN_SMTP_PASSWORD",
 "NPM_CONFIG_PRODUCTION": "false"
From cc66f1b45953c3bff17dd7de5e1d3f9117206cc4 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 09:47:59 -0400
Subject: [PATCH 07/11] update
---
 app.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app.json b/app.json
index b0db1dcde..6c85e3cc2 100644
--- a/app.json
+++ b/app.json
@@ -7,7 +7,7 @@
 },
 "TALK_ROOT_URL": {
 "description": "Please copy the App Name you choose above. If you did not choose one, please do so now and copy it here. Talk on Heroku will not work without this setting.",
- "value":"https://.herokuapp.com",
+ "value":"https://.herokuapp.com",
 "required": true
 },
 "TALK_FACEBOOK_APP_ID": {
From 091d787e349ae32002b6d2d3d9dbc0a838c57019 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 10:02:16 -0400
Subject: [PATCH 08/11] Update README.md
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index a58ac7c74..d1bcf2956 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,5 @@
 # Talk [![CircleCI](https://circleci.com/gh/coralproject/talk.svg?style=svg)](https://circleci.com/gh/coralproject/talk)
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/coralproject/talk/tree/feature/heroku-deploy&env[TALK_FACEBOOK_APP_ID]=ignore&env[TALK_FACEBOOK_APP_SECRET]=ignore)
 Online comments are broken. Our open-source Talk tool rethinks how moderation, comment display, and conversation function, creating the opportunity for safer, smarter discussions around your work. [Read more about Talk here.](https://coralproject.net/products/talk.html)
From fe0c32898d2de2814213845ac30d82d566c65a26 Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Fri, 25 Aug 2017 10:03:46 -0400
Subject: [PATCH 09/11] Update README.md
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index d1bcf2956..4b12315e4 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # Talk [![CircleCI](https://circleci.com/gh/coralproject/talk.svg?style=svg)](https://circleci.com/gh/coralproject/talk)
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy?template=https://github.com/coralproject/talk/tree/feature/heroku-deploy&env[TALK_FACEBOOK_APP_ID]=ignore&env[TALK_FACEBOOK_APP_SECRET]=ignore)
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://dashboard.heroku.com/new?template=https%3A%2F%2Fgithub.com%2Fcoralproject%2Ftalk%2Ftree%2Ffeature%2Fheroku-deploy&env[TALK_FACEBOOK_APP_ID]=ignore&env[TALK_FACEBOOK_APP_SECRET]=ignore)
 Online comments are broken. Our open-source Talk tool rethinks how moderation, comment display, and conversation function, creating the opportunity for safer, smarter discussions around your work. [Read more about Talk here.](https://coralproject.net/products/talk.html)
From 7c9e2297dffea8c8f159a18048e054abf363219b Mon Sep 17 00:00:00 2001
From: Jeff Nelson
Date: Mon, 28 Aug 2017 09:54:20 -0400
Subject: [PATCH 10/11] don't hardcode branch
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 4b12315e4..4bec86d07 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # Talk [![CircleCI](https://circleci.com/gh/coralproject/talk.svg?style=svg)](https://circleci.com/gh/coralproject/talk)
-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://dashboard.heroku.com/new?template=https%3A%2F%2Fgithub.com%2Fcoralproject%2Ftalk%2Ftree%2Ffeature%2Fheroku-deploy&env[TALK_FACEBOOK_APP_ID]=ignore&env[TALK_FACEBOOK_APP_SECRET]=ignore)
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://dashboard.heroku.com/new?template=https%3A%2F%2Fgithub.com%2Fcoralproject%2Ftalk&env[TALK_FACEBOOK_APP_ID]=ignore&env[TALK_FACEBOOK_APP_SECRET]=ignore)
 Online comments are broken. Our open-source Talk tool rethinks how moderation, comment display, and conversation function, creating the opportunity for safer, smarter discussions around your work. [Read more about Talk here.](https://coralproject.net/products/talk.html)
@@ -20,7 +20,7 @@ endpoint when the server is running with built assets. - Blog: https://blog.coralproject.net
-- Community Guides for Journalism: https://guides.coralproject.net/
+- Community Guides for Journalism: https://guides.coralproject.net/
 ## License
From 057d8cabd2a0f952b1675c7716bf5b9ae38a98fc Mon Sep 17 00:00:00 2001
From: Wyatt Johnson
Date: Mon, 28 Aug 2017 11:47:51 -0600
Subject: [PATCH 11/11] Increased debugging and optimized a query path
---
 graph/loaders/users.js | 17 +++-
 graph/setupFunctions.js | 117 +++++++++++++++++++++++
 graph/subscriptions.js | 180 +++++++----------------------------
 middleware/authentication.js | 6 ++
 services/passport.js | 4 +
 5 files changed, 178 insertions(+), 146 deletions(-)
 create mode 100644 graph/setupFunctions.js
diff --git a/graph/loaders/users.js b/graph/loaders/users.js
index f11effbd1..999ad1938 100644
--- a/graph/loaders/users.js
+++ b/graph/loaders/users.js
@@ -5,9 +5,20 @@ const util = require('./util');
 const UsersService = require('../../services/users');
 const UserModel = require('../../models/user');
-const genUserByIDs = (context, ids) => UsersService
- .findByIdArray(ids)
- .then(util.singleJoinBy(ids, 'id'));
+const genUserByIDs = async (context, ids) => {
+ if (!ids || ids.length === 0) {
+ return [];
+ }
+
+ if (ids.length === 1) {
+ const user = await UsersService.findById(ids[0]);
+ return [user];
+ }
+
+ return UsersService
+ .findByIdArray(ids)
+ .then(util.singleJoinBy(ids, 'id'));
+};
 /**
 * Retrieves users based on the passed in query that is filtered by the
diff --git a/graph/setupFunctions.js b/graph/setupFunctions.js
new file mode 100644
index 000000000..273aedfa2
--- /dev/null
+++ b/graph/setupFunctions.js
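Review bot: The single-id fast path in `genUserByIDs` returns `[user]` straight from `UsersService.findById` and skips `util.singleJoinBy(ids, 'id')`, so a missing user yields whatever `findById` resolves to rather than what the join produces on the batched path. Neither helper is visible in this hunk, so confirm both paths return the same placeholder for a miss and keep the result index-aligned with `ids`. A short comment would record the intent: `// Fast path: one id avoids the array query; must return the same shape as the batched path.` The function also mixes `await` with a `.then()` chain; `return util.singleJoinBy(ids, 'id')(await UsersService.findByIdArray(ids));` keeps it in one style.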
@@ -0,0 +1,117 @@ +const { + SUBSCRIBE_COMMENT_ACCEPTED, + SUBSCRIBE_COMMENT_REJECTED, + SUBSCRIBE_COMMENT_FLAGGED, + SUBSCRIBE_ALL_COMMENT_EDITED, + SUBSCRIBE_ALL_COMMENT_ADDED, + SUBSCRIBE_ALL_USER_SUSPENDED, + SUBSCRIBE_ALL_USER_BANNED, + SUBSCRIBE_ALL_USERNAME_REJECTED, +} = require('../perms/constants'); + +const merge = require('lodash/merge'); +const debug = require('debug')('talk:graph:setupFunctions'); +const plugins = require('../services/plugins'); + +/** + * Plugin support requires that we merge in existing setupFunctions with our new + * plugin based ones. This allows plugins to extend existing setupFunctions as well + * as provide new ones. + */ +const setupFunctions = plugins.get('server', 'setupFunctions').reduce((acc, {plugin, setupFunctions}) => { + debug(`added plugin '${plugin.name}'`); + + return merge(acc, setupFunctions); +}, { + commentAdded: (options, args) => ({ + commentAdded: { + filter: (comment, context) => { + if (!args.asset_id && (!context.user || !context.user.can(SUBSCRIBE_ALL_COMMENT_ADDED))) { + return false; + } + return !args.asset_id || comment.asset_id === args.asset_id; + } + }, + }), + commentEdited: (options, args) => ({ + commentEdited: { + filter: (comment, context) => { + if (!args.asset_id && (!context.user || !context.user.can(SUBSCRIBE_ALL_COMMENT_EDITED))) { + return false; + } + return !args.asset_id || comment.asset_id === args.asset_id; + } + }, + }), + commentFlagged: (options, args) => ({ + commentFlagged: { + filter: (comment, context) => { + if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_FLAGGED)) { + return false; + } + return !args.asset_id || comment.asset_id === args.asset_id; + } + }, + }), + commentAccepted: (options, args) => ({ + commentAccepted: { + filter: (comment, context) => { + if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_ACCEPTED)) { + return false; + } + return !args.asset_id || comment.asset_id === args.asset_id; + } + }, + }), + commentRejected: (options, args) => ({ + 
commentRejected: { + filter: (comment, context) => { + if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_REJECTED)) { + return false; + } + return !args.asset_id || comment.asset_id === args.asset_id; + } + }, + }), + userSuspended: (options, args) => ({ + userSuspended: { + filter: (user, context) => { + if ( + !context.user + || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_SUSPENDED) + ) { + return false; + } + return !args.user_id || user.id === args.user_id; + } + }, + }), + userBanned: (options, args) => ({ + userBanned: { + filter: (user, context) => { + if ( + !context.user + || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_BANNED) + ) { + return false; + } + return !args.user_id || user.id === args.user_id; + } + }, + }), + usernameRejected: (options, args) => ({ + usernameRejected: { + filter: (user, context) => { + if ( + !context.user + || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USERNAME_REJECTED) + ) { + return false; + } + return !args.user_id || user.id === args.user_id; + } + }, + }), +}); + +module.exports = setupFunctions; diff --git a/graph/subscriptions.js b/graph/subscriptions.js index 71b8abc6a..59dd6e923 100644 --- a/graph/subscriptions.js +++ b/graph/subscriptions.js 
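Review bot: In the `userSuspended`, `userBanned` and `usernameRejected` filters of graph/setupFunctions.js, the ownership test compares the event's `user.id` with the client-supplied `args.user_id` and never with `context.user.id`. As written, any authenticated subscriber who passes another account's `user_id` passes the filter without holding the corresponding `SUBSCRIBE_ALL_USER_*` permission. Tying the test to the authenticated identity closes that, assuming `context.user` exposes `id` like the event user does: `|| user.id !== context.user.id && !context.user.can(SUBSCRIBE_ALL_USER_SUSPENDED)`, with the matching constant in the other two filters. These filters are moved unchanged from graph/subscriptions.js, so the behaviour predates this commit, but the new file is the natural place to fix it and to parenthesise the mixed `||`/`&&`.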
@@ -1,133 +1,56 @@ const {SubscriptionManager} = require('graphql-subscriptions'); const {SubscriptionServer} = require('subscriptions-transport-ws'); -const _ = require('lodash'); const debug = require('debug')('talk:graph:subscriptions'); const pubsub = require('../services/pubsub'); const schema = require('./schema'); const Context = require('./context'); -const plugins = require('../services/plugins'); const {deserializeUser} = require('../services/subscriptions'); +const setupFunctions = require('./setupFunctions'); const ms = require('ms'); const { KEEP_ALIVE } = require('../config'); -const { - SUBSCRIBE_COMMENT_ACCEPTED, - SUBSCRIBE_COMMENT_REJECTED, - SUBSCRIBE_COMMENT_FLAGGED, - SUBSCRIBE_ALL_COMMENT_EDITED, - SUBSCRIBE_ALL_COMMENT_ADDED, - SUBSCRIBE_ALL_USER_SUSPENDED, - SUBSCRIBE_ALL_USER_BANNED, - SUBSCRIBE_ALL_USERNAME_REJECTED, -} = require('../perms/constants'); - const {BASE_PATH} = require('../url'); -/** - * Plugin support requires that we merge in existing setupFunctions with our new - * plugin based ones. This allows plugins to extend existing setupFunctions as well - * as provide new ones. 
- */ -const setupFunctions = plugins.get('server', 'setupFunctions').reduce((acc, {plugin, setupFunctions}) => { - debug(`added plugin '${plugin.name}'`); +const onConnect = ({token}, connection) => { - return _.merge(acc, setupFunctions); -}, { - commentAdded: (options, args) => ({ - commentAdded: { - filter: (comment, context) => { - if (!args.asset_id && (!context.user || !context.user.can(SUBSCRIBE_ALL_COMMENT_ADDED))) { - return false; - } - return !args.asset_id || comment.asset_id === args.asset_id; - } - }, - }), - commentEdited: (options, args) => ({ - commentEdited: { - filter: (comment, context) => { - if (!args.asset_id && (!context.user || !context.user.can(SUBSCRIBE_ALL_COMMENT_EDITED))) { - return false; - } - return !args.asset_id || comment.asset_id === args.asset_id; - } - }, - }), - commentFlagged: (options, args) => ({ - commentFlagged: { - filter: (comment, context) => { - if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_FLAGGED)) { - return false; - } - return !args.asset_id || comment.asset_id === args.asset_id; - } - }, - }), - commentAccepted: (options, args) => ({ - commentAccepted: { - filter: (comment, context) => { - if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_ACCEPTED)) { - return false; - } - return !args.asset_id || comment.asset_id === args.asset_id; - } - }, - }), - commentRejected: (options, args) => ({ - commentRejected: { - filter: (comment, context) => { - if (!context.user || !context.user.can(SUBSCRIBE_COMMENT_REJECTED)) { - return false; - } - return !args.asset_id || comment.asset_id === args.asset_id; - } - }, - }), - userSuspended: (options, args) => ({ - userSuspended: { - filter: (user, context) => { - if ( - !context.user - || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_SUSPENDED) - ) { - return false; - } - return !args.user_id || user.id === args.user_id; - } - }, - }), - userBanned: (options, args) => ({ - userBanned: { - filter: (user, context) => { - if ( - !context.user - 
|| args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USER_BANNED) - ) { - return false; - } - return !args.user_id || user.id === args.user_id; - } - }, - }), - usernameRejected: (options, args) => ({ - usernameRejected: { - filter: (user, context) => { - if ( - !context.user - || args.user_id !== user.id && !context.user.can(SUBSCRIBE_ALL_USERNAME_REJECTED) - ) { - return false; - } - return !args.user_id || user.id === args.user_id; - } - }, - }), -}); + // Attach the token from the connection options if it was provided. + if (token) { + + debug('token sent via onConnect, attaching to the headers of the upgrade request'); + + // Attach it to the upgrade request. + connection.upgradeReq.headers['authorization'] = `Bearer ${token}`; + } +}; + +const onOperation = (parsedMessage, baseParams, connection) => { + + // Cache the upgrade request. + let upgradeReq = connection.upgradeReq; + + // Attach the context per request. + baseParams.context = async () => { + let req; + + try { + req = await deserializeUser(upgradeReq); + debug(`user ${req.user ? 'was' : 'was not'} on websocket request`); + } catch (e) { + console.error(e); + + return new Context({}); + } + + return new Context(req); + }; + + return baseParams; +}; /** * This creates a new subscription manager. 
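Review bot: `onOperation` in graph/subscriptions.js (`@@ -1,133 +1,56 @@`) turns every `deserializeUser` failure into an anonymous `new Context({})` and reports it only through `console.error(e)`. A client whose token is expired or malformed is therefore silently downgraded, and the failure does not appear in the `talk:graph:subscriptions` debug output this commit adds around it. Alongside the existing error log, add `debug(`could not deserialize websocket user: ${e.message}`);` and a comment stating that falling back to an anonymous context is deliberate, so the choice is visible to whoever audits the subscription filters. `let upgradeReq` is never reassigned and can be `const`; both extracted handlers would also benefit from a one-line JSDoc now that they are top-level.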
@@ -138,37 +61,8 @@ const createSubscriptionManager = (server) => new SubscriptionServer({ pubsub: pubsub.getClient(), setupFunctions, }), - onConnect: ({token}, connection) => { - - // Attach the token from the connection options if it was provided. - if (token) { - - // Attach it to the upgrade request. - connection.upgradeReq.headers['authorization'] = `Bearer ${token}`; - } - }, - onOperation: (parsedMessage, baseParams, connection) => { - - // Cache the upgrade request. - let upgradeReq = connection.upgradeReq; - - // Attach the context per request. - baseParams.context = async () => { - let req; - - try { - req = await deserializeUser(upgradeReq); - } catch (e) { - console.error(e); - - return new Context({}); - } - - return new Context(req); - }; - - return baseParams; - }, + onConnect, + onOperation, keepAlive: ms(KEEP_ALIVE) }, { server, diff --git a/middleware/authentication.js b/middleware/authentication.js index ca6949a5c..3e4b3fbff 100644 --- a/middleware/authentication.js +++ b/middleware/authentication.js @@ -1,16 +1,22 @@ const {passport} = require('../services/passport'); +const debug = require('debug')('talk:middleware:authentication'); const authentication = (req, res, next) => passport.authenticate('jwt', { session: false }, (err, user) => { if (err) { + debug(`cannot get the user: ${err}`); return next(err); } if (user) { + debug('user was on request'); + // Attach the user to the request object, now that we know it exists. req.user = user; + } else { + debug('user was not on request'); } next(); diff --git a/services/passport.js b/services/passport.js index 14a2134ce..4e5bbd708 100644 --- a/services/passport.js +++ b/services/passport.js 
@@ -54,11 +54,14 @@ const GenerateToken = (user) => {
 const SetTokenForSafari = (req, res, token) => {
 const browser = bowser._detect(req.headers['user-agent']);
 if (browser.ios || browser.safari) {
+ debug('browser was safari/ios, setting a cookie');
 res.cookie(JWT_SIGNING_COOKIE_NAME, token, {
 httpOnly: true,
 secure: process.env.NODE_ENV === 'production',
 expires: new Date(Date.now() + ms(JWT_EXPIRY))
 });
+ } else {
+ debug('browser wasn\'t safari/ios, didn\'t set a cookie');
 }
 };
@@ -170,6 +173,7 @@ const HandleLogout = (req, res, next) => {
 // Only clear the cookie on logout if enabled.
 if (JWT_CLEAR_COOKIE_LOGOUT) {
+ debug('clearing the login cookie');
 res.clearCookie(JWT_SIGNING_COOKIE_NAME);
 }