trust proxy setting, session save for redirect

2025-12-06 08:04:06 +00:00 · 2025-03-21 20:01:17 -07:00 · 2025-03-21 20:01:17 -07:00 · 4a059ce6bd
commit 4a059ce6bd
parent 1fbab107a2
2 changed files with 15 additions and 10 deletions
--- a/controllers/auth.ts
+++ b/controllers/auth.ts
@ -96,10 +96,17 @@ const callback: RequestHandler = async (req, res) => {
        username: resp.data.display_name ?? "",
        id: resp.data.id,
      };
-
+      req.session.save((err) => {
+        if (err) {
+          res.status(500).send({ message: "Login failed" });
+          logger.error("req.session.save", { err });
+        } else {
          // res.status(200).send({ message: "OK" });
          res.redirect(process.env["SPOTMGR_APP_URI"] + "?login=success");
          logger.debug("New login.", { username: resp.data.display_name });
+        }
+        return null;
+      });
      return null;
    }
  } catch (error) {
--- a/index.ts
+++ b/index.ts
@ -25,18 +25,16 @@ import logger from "./utils/logger.ts";
 const app = express();

 // check env vars
-if (
-  isNaN(Number(process.env["SPOTMGR_TRUST_PROXY"])) ||
-  ![0, 1].includes(Number(process.env["SPOTMGR_TRUST_PROXY"]))
-) {
-  throw new TypeError("SPOTMGR_TRUST_PROXY must be 0 or 1");
+const trustProxySetting = Number(process.env["SPOTMGR_TRUST_PROXY"]);
+if (isNaN(trustProxySetting)) {
+  throw new TypeError("SPOTMGR_TRUST_PROXY must be a number");
 }
 if (!process.env["SPOTMGR_SESSION_SECRET"]) {
  throw new TypeError("SPOTMGR_SESSION_SECRET cannot be undefined");
 }

 // Enable this if you run behind a proxy (e.g. nginx)
-app.set("trust proxy", process.env["SPOTMGR_TRUST_PROXY"]);
+app.set("trust proxy", trustProxySetting);

 const redisStore = new RedisStore({ client: redisClient });