*: switch sessionId to server-side

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>

app.js

@@ -1,13 +1,15 @@
 const express = require('express');
+const session = require('express-session');
 const fs = require('fs');
 const path = require('path');
 const morgan = require('morgan');
 const bodyParser = require('body-parser');
 const sqlite3 = require('sqlite3').verbose();
 const bole = require('bole');
-const log = bole('app');
 
 const config = require('./config');
+
+const log = bole('app');
 const app = express();
 
 // Create an SQLite database and initialize tables
@@ -43,6 +45,11 @@ var accessLogStream = fs.createWriteStream(
 
 app.use(bodyParser.json());
 app.use(morgan("combined", { stream: accessLogStream }));
+app.use(session({
+  resave: false,
+  saveUninitialized: false,
+  secret: config.session_token,
+}));
 
 var animals;
 // check and load animals into redis
@@ -77,12 +84,25 @@ try {
 
 // Serve the HTML file
 app.get("/", (req, res) => {
+  if (typeof req.session.cookie.expires == "undefined") {
+    var hour = 3600000;
+    req.session.cookie.expires = new Date(Date.now() + hour);
+    req.session.cookie.maxAge = hour;
+  }
+
   res.sendFile(__dirname + "/index.html");
 });
 app.get("/asset/frontend.js", (req, res) => {
   res.sendFile(__dirname + "/asset/frontend.js");
 });
 
+app.get("/newSession", (req, res) => {
+  // XXX
+  log.info(req.session);
+  req.session.regenerate();
+  log.info(req.session);
+});
+
 // Route to get a random animal name
 app.get("/getNextAnimal", async (req, res) => {
   try {

asset/frontend.js

@@ -2,14 +2,6 @@
 let sessionStartTime;
 let lastButtonClickTime;
 
-// Function to generate a random session ID
-function generateSessionId() {
-  return (
-    Math.random().toString(36).substring(2, 15) +
-    Math.random().toString(36).substring(2, 15)
-  );
-}
-
 // Function to fetch a random animal name from the server
 async function getNextAnimal() {
   try {
@@ -28,17 +20,20 @@ function getSessionId() {
     "$1",
   );
   if (!sessionId) {
-    const newSessionId = generateSessionId();
+    return newSession();
-    document.cookie = `sessionId=${newSessionId}`;
-    return newSessionId;
   }
   return sessionId;
 }
 
-function clearSessionId() {
+async function newSession() {
-  const newSessionId = generateSessionId();
-  document.cookie = `sessionId=${newSessionId}`;
   setSessionStartTime();
+  try {
+    const response = await fetch("/newSession");
+    const data = await response.json();
+    document.getElementById("animal-name").textContent = data.animalName;
+  } catch (error) {
+    console.error("Error fetching data:", error);
+  }
   getSessionId();
 }
 
@@ -56,20 +51,6 @@ function displayTimeDifference() {
   }
 }
 
-// Add click event listeners to the buttons
-document.getElementById("isCritterButton").addEventListener("click", () => {
-  recordButtonClick("is critter", getSessionId());
-});
-
-document.getElementById("isNotCritterButton").addEventListener("click", () => {
-  recordButtonClick("is not critter", getSessionId());
-});
-
-document.getElementById("startOverButton").addEventListener("click", () => {
-  clearSessionId();
-  getNextAnimal();
-});
-
 // Function to record button clicks on the server
 async function recordButtonClick(buttonName, sessionId) {
   try {
@@ -103,6 +84,20 @@ async function recordButtonClick(buttonName, sessionId) {
   }
 }
 
+// Add click event listeners to the buttons
+document.getElementById("isCritterButton").addEventListener("click", () => {
+  recordButtonClick("is critter", getSessionId());
+});
+
+document.getElementById("isNotCritterButton").addEventListener("click", () => {
+  recordButtonClick("is not critter", getSessionId());
+});
+
+document.getElementById("startOverButton").addEventListener("click", () => {
+  newSession();
+  getNextAnimal();
+});
+
 // Initial random animal load and session start time
 getNextAnimal();
 setSessionStartTime();

config.js

@@ -1,5 +1,5 @@
-var config = module.exports;
+const config = module.exports;
-var PRODUCTION = process.env.NODE_ENV === 'production';
+const PRODUCTION = process.env.NODE_ENV === 'production';
 const bole = require('bole');
 
 config.express = {
@@ -9,9 +9,11 @@ config.express = {
 
 if (PRODUCTION) {
   config.express.ip = '0.0.0.0';
-  config.db_path = "db/results.db";
+  config.db_path = 'db/results.db';
+  config.session_token = process.env.SESSION_TOKEN;
   bole.output({ level: 'info', stream: process.stdout })
 } else {
-  config.db_path = ":memory:";
+  config.db_path = ':memory:';
+  config.session_token = 'cat bag';
   bole.output({ level: 'debug', stream: process.stdout })
 }

package.json

@@ -18,11 +18,13 @@
     "body-parser": "^1.20.2",
     "bole": "^5.0.7",
     "express": "^4.18.2",
+    "express-session": "^1.17.3",
     "morgan": "^1.10.0",
     "sqlite3": "^5.1.6"
   },
   "devDependencies": {
     "jest": "^29.7.0",
+    "standard": "^17.1.0",
     "supertest": "^6.3.3"
   }
 }

server.js

@@ -1,6 +1,6 @@
+const bole = require('bole');
 const config = require('./config');
 const app = require('./app');
-const bole = require('bole');
 const log = bole('server');
 
 app.listen(config.express.port, config.express.ip, function(error) {