cookieAuth.ttl not overwriting keepAlive ttl

Question

cookieAuth.ttl not overwriting keepAlive ttl

antoniosanmartin opened this issue 7 years ago · 2 comments

I am using the plugin for an API REST using hapi 16.6.2 and hapi-auth-cookie 7.0.0. I set the keepAlive : true in the plugin initialization. In the login controller I have a "remember me" parameter which sets the ttl (request.cookieAuth.ttl) for 15 days. This is not posible as the keepAlive function overwrites with the default ttl. ¿Am I missing something? ¿Is not the right approach for a remember me?

Answer 1 · 2019-03-10T09:33:34.000Z

Late response but hope can be useful to others facing this issue.

You can use the lifecycle events to workaround the issue.
In the login handler store a "remember" flag in the cookie, then listen to onCredentials to update the ttl overridden by keepAlive according to this flag.
Something like this:

const rememberMeTtl = 15 * 24 * 60 * 60; // 15 days

server.ext('onCredentials', (req, h) => {

    const session = req.state.sid;

    if (session && session.remember) {
        req.cookieAuth.ttl(rememberMeTtl);
    }

    return h.continue;
});

server.route({
    method: 'POST',
    path: '/login',
    // other options ...
    handler(req, h) {

        // your login logic ...

        req.cookieAuth.set(userData);

        if (req.payload.rememberMe) {
            req.cookieAuth.set('remember', true);
            req.cookieAuth.ttl(rememberMeTtl);
        }
    }
});

Answer 2 · 2020-01-09T02:00:21.000Z

This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.