*: switch sessionId to server-side

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>

app.js

@@ -1,13 +1,15 @@
 const express = require('express');
+const session = require('express-session');
 const fs = require('fs');
 const path = require('path');
 const morgan = require('morgan');
 const bodyParser = require('body-parser');
 const sqlite3 = require('sqlite3').verbose();
 const bole = require('bole');
-const log = bole('app');
 
 const config = require('./config');
+
+const log = bole('app');
 const app = express();
 
 // Create an SQLite database and initialize tables
@@ -43,6 +45,11 @@ var accessLogStream = fs.createWriteStream(
 
 app.use(bodyParser.json());
 app.use(morgan("combined", { stream: accessLogStream }));
+app.use(session({
+  resave: false,
+  saveUninitialized: false,
+  secret: config.session_token,
+}));
 
 var animals;
 // check and load animals into redis
@@ -77,12 +84,25 @@ try {
 
 // Serve the HTML file
 app.get("/", (req, res) => {
+  if (typeof req.session.cookie.expires == "undefined") {
+    var hour = 3600000;
+    req.session.cookie.expires = new Date(Date.now() + hour);
+    req.session.cookie.maxAge = hour;
+  }
+
   res.sendFile(__dirname + "/index.html");
 });
 app.get("/asset/frontend.js", (req, res) => {
   res.sendFile(__dirname + "/asset/frontend.js");
 });
 
+app.get("/newSession", (req, res) => {
+  // XXX
+  log.info(req.session);
+  req.session.regenerate();
+  log.info(req.session);
+});
+
 // Route to get a random animal name
 app.get("/getNextAnimal", async (req, res) => {
   try {