Alec Armbruster 2023-06-30 10:04:01 -04:00
parent c804cf958a
commit 7743fa98b9
No known key found for this signature in database
GPG key ID: 52BC7C84E960FD1B
3 changed files with 13 additions and 21 deletions


@ -1,5 +1,5 @@
import type { NextFunction, Request, Response } from "express"; import type { NextFunction, Request, Response } from "express";
import { isRequestAuthenticated } from "./utils/is-request-authenticated"; import { hasJwtCookie } from "./utils/has-jwt-cookie";
export function setDefaultCsp({ export function setDefaultCsp({
res, res,
@ -22,18 +22,13 @@ export function setDefaultCsp({
// interval is rather arbitrary and could be set higher (less server load) or lower (fresher data). // interval is rather arbitrary and could be set higher (less server load) or lower (fresher data).
// //
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control
export function setCacheControl({ export function setCacheControl(
res, req: Request,
req, res: Response,
next, next: NextFunction
}: { ) {
res: Response;
req: Request;
next: NextFunction;
}) {
let caching: string; let caching: string;
// Avoid any sort of caching in development
if (process.env.NODE_ENV !== "production") { if (process.env.NODE_ENV !== "production") {
return next(); return next();
} }
@ -45,7 +40,7 @@ export function setCacheControl({
// Static content gets cached publicly for a day // Static content gets cached publicly for a day
caching = "public, max-age=86400"; caching = "public, max-age=86400";
} else { } else {
if (isRequestAuthenticated(req)) { if (hasJwtCookie(req)) {
caching = "private"; caching = "private";
} else { } else {
caching = "public, max-age=5"; caching = "public, max-age=5";
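Review bot: In the final `else` branch of setCacheControl, `public, max-age=5` is chosen purely because the request carries no `jwt` cookie, so a response personalised by any other means would be marked storable by shared caches. If any route behind this middleware accepts a bearer token or issues the cookie in its own response (the routes are not visible from here), widen the guard, for example `if (hasJwtCookie(req) || req.headers.authorization) {`, and keep `private` for responses that carry `Set-Cookie`. The hunk also appears to drop the `// Avoid any sort of caching in development` comment above the NODE_ENV early return; I would keep it, since that return sends no Cache-Control header at all. The function body continues past the end of the hunk.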


@ -0,0 +1,6 @@
import * as cookie from "cookie";
import type { Request } from "express";
export function hasJwtCookie(req: Request): boolean {
return Boolean(cookie.parse(req.headers.cookie ?? "").jwt?.length);
}
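Review bot: hasJwtCookie has no doc comment, and its contract matters for security: it reports only that a non-empty cookie named `jwt` was sent, not that the token is valid. I would add `/** True when the request carries a non-empty cookie named "jwt". Presence only, the token is not verified: use for cache decisions, never for authorization. */` above the function. It also now matches the exact cookie name, whereas the removed helper matched any cookie starting with `jwt`. If the auth layer reads the cookie differently (duplicate `jwt` entries, a prefixed name), the two can disagree and an authenticated response could be marked public, so it is worth confirming both use the same parser.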


@ -1,9 +0,0 @@
import type { Request } from "express";
export function isRequestAuthenticated(req: Request): boolean {
if (!req.headers.cookie) {
return false;
}
return req.headers.cookie?.split("; ").some(c => c.startsWith("jwt"));
}