diff --git a/src/handlers/verify.ts b/src/handlers/verify.ts index fca6b43..34114a3 100644 --- a/src/handlers/verify.ts +++ b/src/handlers/verify.ts @@ -3,9 +3,7 @@ import { Request, Response } from 'express' import { SiweErrorType, SiweMessage } from 'siwe' import { createOrUpdateUser } from '../services/prisma' -const provider = new ethers.JsonRpcProvider( - `https://rpc.walletconnect.com/v1?chainId=eip155:1&projectId=${process.env.WALLETCONNECT_PROJECT_ID}` -) +const provider = new ethers.JsonRpcProvider(`https://rpc.walletconnect.com/v1?chainId=eip155:1&projectId=${process.env.WALLETCONNECT_PROJECT_ID}`) export const verifyAndSignIn = async (req: Request, res: Response) => { try { @@ -25,12 +23,14 @@ export const verifyAndSignIn = async (req: Request, res: Response) => { ) req.session.siwe = fields.data - if (!fields.data.expirationTime) { - return res.status(422).json({ - message: 'Expected expirationTime to be set.' - }) + + const expirationTime = fields.data.expirationTime + if (expirationTime) { + req.session.cookie.expires = new Date(expirationTime) + } else { + // 7 days from now + req.session.cookie.expires = new Date(new Date().getTime() + 7 * 24 * 60 * 60 * 1000) } - req.session.cookie.expires = new Date(fields.data.expirationTime) const { accessToken, refreshToken } = await createOrUpdateUser(fields.data) diff --git a/src/index.ts b/src/index.ts index 9bbbbb9..cd19659 100644 --- a/src/index.ts +++ b/src/index.ts @@ -36,13 +36,19 @@ if (!REDIS_PASSWORD) { throw new ReferenceError('REDIS_PASSWORD missing in environment variables') } +const isProd = process.env.NODE_ENV === 'production' +const isDev = process.env.NODE_ENV === 'development' + const prismaClient = new PrismaClient() // Initialize redis client const redisClient = new Redis({ host: REDIS_HOST ?? 'redis', port: REDIS_PORT ? parseInt(REDIS_PORT, 10) : 6379, - password: REDIS_PASSWORD + password: REDIS_PASSWORD, + tls: { + rejectUnauthorized: isProd ? true : false + } }) // Initialize connect-redis store for express-session @@ -58,9 +64,6 @@ app.disable('x-powered-by') app.use(express.json()) app.set('trust proxy', 1) -const isProd = process.env.NODE_ENV === 'production' -const isDev = process.env.NODE_ENV === 'development' - const allowedOrigins = isProd ? ['https://cloud.walletconnect.com'] : ['http://localhost', 'https://wc-cloud-staging.vercel.app', /\.?-walletconnect1\.vercel\.app$/] @@ -69,11 +72,7 @@ const corsOptions: CorsOptions = { credentials: true, methods: ['OPTIONS', 'GET', 'POST'], origin: (origin, callback) => { - if ( - !origin || - isDev || - allowedOrigins.some((allowedOrigin) => new RegExp(allowedOrigin).test(origin)) - ) { + if (!origin || isDev || allowedOrigins.some((allowedOrigin) => new RegExp(allowedOrigin).test(origin))) { callback(null, true) } else { callback(new Error(`Origin ${origin} is not allowed by CORS`))