fix #1148: redis sessions; add MAX_NUMBER_ADDRESSES

Luke Crouch 2020-07-10 20:24:13 -05:00
Родитель c9cb58be89
Коммит 23d6a29bf7
10 изменённых файлов: 272 добавлений и 91 удалений


@ -76,3 +76,6 @@ PRODUCT_PROMOS_ENABLED=1
# Experiment Flag
EXPERIMENT_ACTIVE=0
REDIS_URL=redis://127.0.0.1:6379
MAX_NUM_ADDRESSES=5

1
.gitignore поставляемый

@ -1,4 +1,5 @@
node_modules
.node-version
.env
coverage
.coveralls.yml


@ -42,9 +42,11 @@ const kEnvironmentVariables = [
"DATABASE_URL",
"PAGE_TOKEN_TIMER",
"PRODUCT_PROMOS_ENABLED",
"REDIS_URL",
"SENTRY_DSN",
"DELETE_UNVERIFIED_SUBSCRIBERS_TIMER",
"EXPERIMENT_ACTIVE",
"MAX_NUM_ADDRESSES",
];
const AppConstants = { };
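Review bot: `"MAX_NUM_ADDRESSES"` joins the list of names that appear to be copied from the environment, so the limit presumably reaches `AppConstants` as a string, and nothing visible here checks that it is a number. The check in `add` (`sessionUser.email_addresses.length >= AppConstants.MAX_NUM_ADDRESSES`) then relies on coercion, and a non-numeric value compares against NaN, which is never true, so the per-account address cap would switch off without any error. Parsing it once at startup, e.g. `const maxAddresses = Number.parseInt(process.env.MAX_NUM_ADDRESSES, 10);`, and refusing to start unless `Number.isInteger(maxAddresses) && maxAddresses > 0` keeps the limit fail-closed. The `kEnvironmentVariables` array opens above the hunk and the code that fills `AppConstants` lies below it, so how the values are assigned is not visible here.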


@ -106,8 +106,7 @@ async function add(req, res) {
throw new FluentError("user-add-invalid-email");
}
// TODO: remove this when https://github.com/mozilla/blurts-server/issues/1148 is fixed
if (sessionUser.email_addresses.length >= 15) {
if (sessionUser.email_addresses.length >= AppConstants.MAX_NUM_ADDRESSES) {
throw new FluentError("user-add-too-many-emails");
}
_checkForDuplicateEmail(sessionUser, email);
@ -365,7 +364,7 @@ async function postRemoveFxm(req, res) {
await DB.removeSubscriber(sessionUser);
await FXA.revokeOAuthTokens(sessionUser);
req.session.reset();
req.session.destroy();
res.redirect("/");
}
@ -503,7 +502,7 @@ async function postUnsubscribe(req, res) {
return res.redirect("/user/preferences");
}
await FXA.revokeOAuthTokens(unsubscribedUser);
req.session.reset();
req.session.destroy();
res.redirect("/");
}
@ -563,7 +562,20 @@ async function getBreachStats(req, res) {
function logout(req, res) {
req.session.reset();
// Growth Experiment
if (EXPERIMENTS_ENABLED && req.session.experimentFlags) {
// Persist experimentBranch across session reset
const sessionExperimentFlags = req.session.experimentFlags;
req.session.destroy(() => {
req.session = {experimentFlags: sessionExperimentFlags};
});
// Return
res.redirect("/");
return;
}
req.session.destroy();
res.redirect("/");
}
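Review bot: In `logout`, the experiment branch assigns `req.session = {experimentFlags: sessionExperimentFlags}` inside the `destroy` callback, while `res.redirect("/")` runs without waiting for that callback. express-session saves the session as the response ends, so a plain object assigned afterwards is most likely never written to the store and the flags would not survive logout. The bare `req.session.destroy()` calls in `logout`, `postRemoveFxm` and `postUnsubscribe` also drop the store's error argument, so a failed Redis delete would leave the old session id usable after the user has been redirected. Using `req.session.regenerate()` to obtain a fresh session for the flags, and redirecting from the callbacks, lets a store failure be reported instead of ignored. The bodies of `postRemoveFxm` and `postUnsubscribe` start outside their hunks.

```javascript
function logout(req, res) {
  // … unchanged: EXPERIMENTS_ENABLED check and sessionExperimentFlags capture …
    req.session.regenerate((err) => {
      if (err) {
        // Store failure: the previous session may still be valid server-side.
        res.sendStatus(500);
        return;
      }
      req.session.experimentFlags = sessionExperimentFlags;
      res.redirect("/");
    });
    return;
  // … unchanged: end of the experiment branch …
  req.session.destroy((err) => {
    if (err) {
      res.sendStatus(500);
      return;
    }
    res.redirect("/");
  });
```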

296
package-lock.json сгенерированный

@ -1489,6 +1489,20 @@
"integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
"dev": true
},
"locate-path": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz",
"integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==",
"requires": {
"p-locate": "^4.1.0"
}
},
"lodash": {
"version": "4.17.19",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
"integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==",
"dev": true
},
"mimic-fn": {
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz",
@ -1516,6 +1530,42 @@
"mimic-fn": "^2.1.0"
}
},
"p-limit": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz",
"integrity": "sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==",
"requires": {
"p-try": "^2.0.0"
}
},
"p-locate": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz",
"integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==",
"requires": {
"p-limit": "^2.2.0"
}
},
"p-try": {
"version": "2.2.0",
"resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz",
"integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ=="
},
"path-exists": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
"integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w=="
},
"readable-stream": {
"version": "3.5.0",
"resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.5.0.tgz",
"integrity": "sha512-gSz026xs2LfxBPudDuI41V1lka8cxg64E66SGe78zJlsUofOg/yqwezdIcdfwik6B4h8LFmWPA9ef9X3FiNFLA==",
"requires": {
"inherits": "^2.0.3",
"string_decoder": "^1.1.1",
"util-deprecate": "^1.0.1"
}
},
"readdirp": {
"version": "3.4.0",
"resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.4.0.tgz",
@ -3117,11 +3167,6 @@
"type-is": "~1.6.17"
},
"dependencies": {
"bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
},
"http-errors": {
"version": "1.7.2",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz",
@ -3142,37 +3187,10 @@
"safer-buffer": ">= 2.1.2 < 3"
}
},
"mime-db": {
"version": "1.44.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
"integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
},
"mime-types": {
"version": "2.1.27",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz",
"integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==",
"requires": {
"mime-db": "1.44.0"
}
},
"qs": {
"version": "6.7.0",
"resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz",
"integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ=="
},
"setprototypeof": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz",
"integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw=="
},
"type-is": {
"version": "1.6.18",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
"integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==",
"requires": {
"media-typer": "0.3.0",
"mime-types": "~2.1.24"
}
}
}
},
@ -3446,6 +3464,11 @@
"resolved": "https://registry.npmjs.org/byte-length/-/byte-length-1.0.2.tgz",
"integrity": "sha512-ovBpjmsgd/teRmgcPh23d4gJvxDoXtAzEL9xTfMU8Yc2kqCDb7L9jAG0XHl1nzuGl+h3ebCIF1i62UFyA9V/2Q=="
},
"bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
},
"cac": {
"version": "3.0.4",
"resolved": "https://registry.npmjs.org/cac/-/cac-3.0.4.tgz",
@ -3852,14 +3875,6 @@
}
}
},
"client-sessions": {
"version": "0.8.0",
"resolved": "https://registry.npmjs.org/client-sessions/-/client-sessions-0.8.0.tgz",
"integrity": "sha1-p9jFVYrV1W8qGZ81M+tlS134k/0=",
"requires": {
"cookies": "^0.7.0"
}
},
"cliui": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz",
@ -4013,6 +4028,11 @@
"xdg-basedir": "^4.0.0"
}
},
"connect-redis": {
"version": "5.0.0",
"resolved": "https://registry.npmjs.org/connect-redis/-/connect-redis-5.0.0.tgz",
"integrity": "sha512-R4nTW5uXeG5s6zr/q4abmtcdloglZrL/A3cpa0JU0RLFJU4mTR553HUY8OZ0ngeySkGDclwQ5xmCcjjKkxdOSg=="
},
"console-control-strings": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
@ -4069,15 +4089,6 @@
"resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
"integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw="
},
"cookies": {
"version": "0.7.1",
"resolved": "https://registry.npmjs.org/cookies/-/cookies-0.7.1.tgz",
"integrity": "sha1-fIphX1SBxhq58WyDNzG8uPZjuZs=",
"requires": {
"depd": "~1.1.1",
"keygrip": "~1.0.2"
}
},
"copy-descriptor": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz",
@ -4624,6 +4635,11 @@
"integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=",
"dev": true
},
"denque": {
"version": "1.4.1",
"resolved": "https://registry.npmjs.org/denque/-/denque-1.4.1.tgz",
"integrity": "sha512-OfzPuSZKGcgr96rf1oODnfjqBFmr1DVoc/TrItj3Ohe0Ah1C5WX5Baquw/9U9KovnQ88EqmJbD66rKYUQYN1tQ=="
},
"depd": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
@ -5413,11 +5429,53 @@
"negotiator": "0.6.2"
}
},
"body-parser": {
"version": "1.19.0",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz",
"integrity": "sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==",
"requires": {
"bytes": "3.1.0",
"content-type": "~1.0.4",
"debug": "2.6.9",
"depd": "~1.1.2",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"on-finished": "~2.3.0",
"qs": "6.7.0",
"raw-body": "2.4.0",
"type-is": "~1.6.17"
}
},
"bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
},
"cookie": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz",
"integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg=="
},
"http-errors": {
"version": "1.7.2",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz",
"integrity": "sha512-uUQBt3H/cSIVfch6i1EuPNy/YsRSOUBXTVfZ+yR7Zjez3qjBz6i9+i4zjNaoqcoFVI4lQJ5plg63TvGfRSDCRg==",
"requires": {
"depd": "~1.1.2",
"inherits": "2.0.3",
"setprototypeof": "1.1.1",
"statuses": ">= 1.5.0 < 2",
"toidentifier": "1.0.0"
}
},
"iconv-lite": {
"version": "0.4.24",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
"integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
"requires": {
"safer-buffer": ">= 2.1.2 < 3"
}
},
"mime-db": {
"version": "1.44.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
@ -5451,6 +5509,17 @@
"resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
"integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg=="
},
"raw-body": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.0.tgz",
"integrity": "sha512-4Oz8DUIwdvoa5qMJelxipzi/iJIi40O5cGV1wNYp5hvZP8ZN0T+jiNkL0QepXs+EsQ9XJ8ipEDoiH70ySUJP3Q==",
"requires": {
"bytes": "3.1.0",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"unpipe": "1.0.0"
}
},
"type-is": {
"version": "1.6.18",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
@ -5501,6 +5570,51 @@
}
}
},
"express-session": {
"version": "1.17.1",
"resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz",
"integrity": "sha512-UbHwgqjxQZJiWRTMyhvWGvjBQduGCSBDhhZXYenziMFjxst5rMV+aJZ6hKPHZnPyHGsrqRICxtX8jtEbm/z36Q==",
"requires": {
"cookie": "0.4.0",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~2.0.0",
"on-headers": "~1.0.2",
"parseurl": "~1.3.3",
"safe-buffer": "5.2.0",
"uid-safe": "~2.1.5"
},
"dependencies": {
"cookie": {
"version": "0.4.0",
"resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz",
"integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg=="
},
"depd": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
"integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
},
"parseurl": {
"version": "1.3.3",
"resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
"integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
},
"safe-buffer": {
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz",
"integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="
},
"uid-safe": {
"version": "2.1.5",
"resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
"integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
"requires": {
"random-bytes": "~1.0.0"
}
}
}
},
"extend": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
@ -6178,7 +6292,10 @@
"full-icu": {
"version": "1.3.1",
"resolved": "https://registry.npmjs.org/full-icu/-/full-icu-1.3.1.tgz",
"integrity": "sha512-VMtK//85QJomhk3cXOCksNwOYaw1KWnYTS37GYGgyf7A3ajdBoPGhaJuJWAH2S2kq8GZeXkdKn+3Mfmgy11cVw=="
"integrity": "sha512-VMtK//85QJomhk3cXOCksNwOYaw1KWnYTS37GYGgyf7A3ajdBoPGhaJuJWAH2S2kq8GZeXkdKn+3Mfmgy11cVw==",
"requires": {
"icu4c-data": "^0.64.2"
}
},
"function-bind": {
"version": "1.1.1",
@ -6827,6 +6944,11 @@
"safer-buffer": ">= 2.1.2 < 3"
}
},
"icu4c-data": {
"version": "0.64.2",
"resolved": "https://registry.npmjs.org/icu4c-data/-/icu4c-data-0.64.2.tgz",
"integrity": "sha512-BPuTfkRTkplmK1pNrqgyOLJ0qB2UcQ12EotVLwiWh4ErtZR1tEYoRZk/LBLmlDfK5v574/lQYLB4jT9vApBiBQ=="
},
"ieee754": {
"version": "1.1.13",
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.13.tgz",
@ -8711,11 +8833,6 @@
"verror": "1.10.0"
}
},
"keygrip": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/keygrip/-/keygrip-1.0.2.tgz",
"integrity": "sha1-rTKXxVcGneqLz+ek+kkbdcXd65E="
},
"keyv": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/keyv/-/keyv-3.0.0.tgz",
@ -10634,6 +10751,11 @@
"ee-first": "1.1.1"
}
},
"on-headers": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
"integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA=="
},
"once": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
@ -11854,9 +11976,9 @@
}
},
"minimist": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
"integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
"version": "1.2.5",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw==",
"dev": true
},
"ms": {
@ -12381,11 +12503,6 @@
"unpipe": "1.0.0"
},
"dependencies": {
"bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
},
"http-errors": {
"version": "1.7.2",
"resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz",
@ -12405,11 +12522,6 @@
"requires": {
"safer-buffer": ">= 2.1.2 < 3"
}
},
"setprototypeof": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz",
"integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw=="
}
}
},
@ -12550,6 +12662,35 @@
"strip-indent": "^2.0.0"
}
},
"redis": {
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/redis/-/redis-3.0.2.tgz",
"integrity": "sha512-PNhLCrjU6vKVuMOyFu7oSP296mwBkcE6lrAjruBYG5LgdSqtRBoVQIylrMyVZD/lkF24RSNNatzvYag6HRBHjQ==",
"requires": {
"denque": "^1.4.1",
"redis-commands": "^1.5.0",
"redis-errors": "^1.2.0",
"redis-parser": "^3.0.0"
}
},
"redis-commands": {
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/redis-commands/-/redis-commands-1.5.0.tgz",
"integrity": "sha512-6KxamqpZ468MeQC3bkWmCB1fp56XL64D4Kf0zJSwDZbVLLm7KFkoIcHrgRvQ+sk8dnhySs7+yBg94yIkAK7aJg=="
},
"redis-errors": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/redis-errors/-/redis-errors-1.2.0.tgz",
"integrity": "sha1-62LSrbFeTq9GEMBK/hUpOEJQq60="
},
"redis-parser": {
"version": "3.0.0",
"resolved": "https://registry.npmjs.org/redis-parser/-/redis-parser-3.0.0.tgz",
"integrity": "sha1-tm2CjNyv5rS4pCin3vTGvKwxyLQ=",
"requires": {
"redis-errors": "^1.0.0"
}
},
"referrer-policy": {
"version": "1.2.0",
"resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.2.0.tgz",
@ -12701,6 +12842,14 @@
"dev": true,
"requires": {
"lodash": "^4.17.15"
},
"dependencies": {
"lodash": {
"version": "4.17.19",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
"integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==",
"dev": true
}
}
},
"request-promise-native": {
@ -14788,7 +14937,6 @@
"version": "1.6.18",
"resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
"integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==",
"dev": true,
"requires": {
"media-typer": "0.3.0",
"mime-types": "~2.1.24"
@ -14797,14 +14945,12 @@
"mime-db": {
"version": "1.44.0",
"resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
"integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==",
"dev": true
"integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
},
"mime-types": {
"version": "2.1.27",
"resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz",
"integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==",
"dev": true,
"requires": {
"mime-db": "1.44.0"
}
@ -15902,6 +16048,12 @@
"path-exists": "^3.0.0"
}
},
"lodash": {
"version": "4.17.19",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
"integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==",
"dev": true
},
"p-limit": {
"version": "2.3.0",
"resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.3.0.tgz",


@ -14,14 +14,15 @@
"body-parser": "1.19.0",
"clean-css-cli": "4.3.0",
"client-oauth2": "4.3.2",
"client-sessions": "0.8.0",
"concat": "1.0.3",
"connect-redis": "5.0.0",
"cpr": "3.0.1",
"csurf": "1.11.0",
"dotenv": "8.2.0",
"express": "4.17.1",
"express-bearer-token": "2.4.0",
"express-handlebars": "5.1.0",
"express-session": "1.17.1",
"fluent": "0.12.0",
"fluent-langneg": "0.2.0",
"full-icu": "1.3.1",
@ -38,6 +39,7 @@
"nodemailer-express-handlebars": "3.3.0",
"npm-run-all": "4.1.5",
"pg": "7.18.2",
"redis": "3.0.2",
"sns-validator": "0.3.4",
"uuid": "3.4.0"
},


@ -8,10 +8,12 @@ Sentry.init({
environment: AppConstants.NODE_ENV,
});
const connectRedis = require("connect-redis");
const express = require("express");
const exphbs = require("express-handlebars");
const helmet = require("helmet");
const sessions = require("client-sessions");
const redis = require("redis");
const session = require("express-session");
const { URL } = require("url");
const EmailUtils = require("./email-utils");
@ -35,6 +37,9 @@ const EmailL10nRoutes= require("./routes/email-l10n");
const BreachRoutes= require("./routes/breach-details");
const log = mozlog("server");
const redisStore = connectRedis(session);
const redisClient = redis.createClient({url: AppConstants.REDIS_URL });
const app = express();
@ -149,24 +154,28 @@ const hbs = exphbs.create({
app.engine("hbs", hbs.engine);
app.set("view engine", "hbs");
const cookie = {httpOnly: true, sameSite: "lax"};
// TODO: refactor all templates to use constants.VAR
// instead of assigning these 1-by-1 to app.locales
app.locals.constants = AppConstants;
app.locals.FXA_ENABLED = AppConstants.FXA_ENABLED;
app.locals.SERVER_URL = AppConstants.SERVER_URL;
app.locals.MAX_NUM_ADDRESSES = AppConstants.MAX_NUM_ADDRESSES;
app.locals.EXPERIMENT_ACTIVE = AppConstants.EXPERIMENT_ACTIVE;
app.locals.LOGOS_ORIGIN = AppConstants.LOGOS_ORIGIN;
app.locals.UTM_SOURCE = new URL(AppConstants.SERVER_URL).hostname;
const SESSION_DURATION_HOURS = AppConstants.SESSION_DURATION_HOURS || 48;
app.use(sessions({
cookieName: "session",
app.use(session({
cookie: {
httpOnly: true,
maxAge: SESSION_DURATION_HOURS * 60 * 60 * 1000, // 48 hours
rolling: true,
sameSite: "lax",
},
resave: false,
saveUninitialized: true,
secret: AppConstants.COOKIE_SECRET,
duration: SESSION_DURATION_HOURS * 60 * 60 * 1000, // 48 hours
activeDuration: SESSION_DURATION_HOURS * 60 * 60 * 1000, // 48 hours
cookie: cookie,
store: new redisStore({ client: redisClient }),
}));
app.use(pickLanguage);
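Review bot: `rolling: true` sits inside the `cookie` object, but express-session reads `rolling` as a top-level option, so as written the cookie expiry is not refreshed on activity the way the old `activeDuration` setting did; move it next to `resave: false`. `saveUninitialized: true` stores a session in Redis and sets a cookie for every visitor, including anonymous and automated traffic, so unauthenticated requests can grow the store; `saveUninitialized: false` avoids that. The cookie options shown carry no `secure` flag, which is worth setting outside local development if it is not applied elsewhere in the file. `redisClient` is created without an `error` listener, so a Redis connection failure would surface as an unhandled `error` event rather than a logged condition. The `Sentry.init` call and the `exphbs.create` block start outside the hunks.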


@ -482,7 +482,7 @@ test("user/remove-fxm GET request with valid session returns 200 and renders rem
test("user remove-fxm POST request with valid session removes from DB and revokes FXA OAuth token", async () => {
const req = {
fluentFormat: jest.fn(),
session: { user: TEST_SUBSCRIBERS.firefox_account, reset: jest.fn() },
session: { user: TEST_SUBSCRIBERS.firefox_account, destroy: jest.fn() },
user: TEST_SUBSCRIBERS.firefox_account,
};
const resp = httpMocks.createResponse();
@ -495,7 +495,7 @@ test("user remove-fxm POST request with valid session removes from DB and revoke
const subscriber = await DB.getEmailByToken(TEST_SUBSCRIBERS.firefox_account.primary_verification_token);
expect(subscriber).toBeUndefined();
expect(FXA.revokeOAuthTokens).toHaveBeenCalledTimes(1);
expect(req.session.reset).toHaveBeenCalledTimes(1);
expect(req.session.destroy).toHaveBeenCalledTimes(1);
});


@ -49,7 +49,7 @@
</div>
{{/getBreachesDashboard}}
{{!-- TODO: remove this when https://github.com/mozilla/blurts-server/issues/1148 is fixed --}}
{{#ifCompare verifiedEmails.length "<" 15}}
{{#ifCompare verifiedEmails.length "<" MAX_NUM_ADDRESSES}}
<div class="row jst-cntr">
<div id="dashboard-add-email" class="dashboard-add-email flx flx-col">
<h2 class="section-headline txt-purple7 txt-cntr">{{getString "want-to-add" }}</h2>
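Review bot: The `TODO: remove this when … issues/1148 is fixed` comment above the `ifCompare` is kept although this commit is the fix for #1148, so it now tells the next reader to delete a limit that is meant to stay; the same stale TODO remains in `add` in the controller and in the preferences template. A statement of intent would document the check instead, e.g. `{{!-- Hide the add-email form once the account holds MAX_NUM_ADDRESSES addresses; add() enforces the same cap server-side --}}`. `MAX_NUM_ADDRESSES` resolves here only if this block renders in the root context where `app.locals` is merged, which cannot be confirmed from the hunk. The enclosing markup starts and ends outside the hunk.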


@ -40,10 +40,10 @@
<!-- Add New Email Form -->
{{!-- TODO: remove this when https://github.com/mozilla/blurts-server/issues/1148 is fixed --}}
{{#ifCompare emails.total ">=" 15}}
{{#ifCompare emails.total ">=" MAX_NUM_ADDRESSES}}
<h4 class="email-pref">{{ getString "user-add-too-many-emails" }}</h4>
{{/ifCompare}}
{{#ifCompare emails.total "<" 15}}
{{#ifCompare emails.total "<" MAX_NUM_ADDRESSES}}
<h4 class="email-pref add-new">{{ getString "add-new-email" }}</h4>
{{> forms/add-another-email-form csrfToken=../csrfToken}}
{{/ifCompare}}